Skip to content

Kamanashish Roy

Ransomware Blog 2023 Firecompass

Achieve 26% Ransomware Risk Reduction By Fixing These CVEs

As per Threat Intel data published by IBM Xforce, 80% of the times, Ransomeware gets initial access using top 3 Attack Vectors – exploiting vulnerabilities contribute 26%, Shadow IT & Stolen Credentials contribute 16%, various variants of phishing attacks contribute 41%, and the rest by other attack vectors. It means that Shadow IT Discovery, identifying… Read More »Achieve 26% Ransomware Risk Reduction By Fixing These CVEs

CVE Risk Alert Firecompass banner

New & Critical CVEs Exploited In Wild – 3CX Supply Chain, IBM Aspera Faspex, Forta GoAnywhere, Apache Spark UI & More

For the last week, Firecompass Research Team have focused on 10 brand-new vulnerabilities which are Critical in severity. They are published by the global security research community. Ransomware groups and APT target many of these vulnerabilities to get Initial Access. All the vulnerabilities have Proof of Concepts (PoC) exploit code publicly available on GitHub. That… Read More »New & Critical CVEs Exploited In Wild – 3CX Supply Chain, IBM Aspera Faspex, Forta GoAnywhere, Apache Spark UI & More

Critical CVE Alert - Blog header - Firecompass

(CVE Update March 2023) New and Critical CVEs Exploited In Wild

For the last 2 weeks, Firecompass Research Team focused on 9 brand-new vulnerabilities which are Critical in severity, published by the global security research community. Ransomwares are targeting many of these vulnerabilities to get initial Access. All the vulnerabilities have Proof of Concepts (PoC) exploit code publicly available on Github making it is easy for… Read More »(CVE Update March 2023) New and Critical CVEs Exploited In Wild

CART and Penetration Testing suggesstion Firecompass

5 Reasons Gartner Suggests Automated Penetration Test & Red Teaming

As cyber threats continue to evolve and become more sophisticated, it is imperative for organizations to adopt a proactive approach to cyber security. One of the most effective ways to do this is through automated penetration testing and red teaming. We analyzed Gartner’s recent “Hype Cycle for Security Operations 2022″ which studies Automated Red Teaming. According to… Read More »5 Reasons Gartner Suggests Automated Penetration Test & Red Teaming

Top 25 Tools For Red Teaming

Top 25 Tools For Red Teaming

What is Red teaming? Red teaming is a valuable technique that can help you to identify and mitigating security vulnerabilities in your organization’s attack surface by simulating real-world attacks. Organizations use hundreds of tools to conduct traditional or manual red teaming activities in different combinations. Here are top 25 most common tools used by Red… Read More »Top 25 Tools For Red Teaming