top of page


Jan 27, 2024
What We Can Learn from the Midnight Blizzard Attack on Microsoft
#ASM #MidnightBlizzard #CozyBear #Nobelium #APT29 #UNC2452 #CTI On January 12, 2024, Microsoft detected an attack on their email systems...


Jan 26, 2024
Web Applications: Don't Sleep on this Attack Surface
#pentesting #webapplicationsecurity #ASM #WordPressplugins We talk a lot about attack surfaces because it is a useful construct in...

Jan 23, 2024
Hackers Exploiting Confluence RCE Vulnerability
#cybersecurity #asm #ai #aisecurity Summary Cyber heroes take note: hackers are beginning to exploit a critical RCE vulnerability in...

Jan 19, 2024
CISA Issues Emergency Directive on Connect Secure Vulnerability
#ASM #CISA #EmergencyDirective #ConnectSecure #whatsonyourattacksurface CISA issued a rare emergency directive instructing all Federal...

Jan 18, 2024
Update on OpenSSH Vulnerability and Terrapin Attack
#ASM #terrapinattack #OpenSSH #whatsonyourattacksurface Summary Hey cyber heroes, quick update on the SSH vulnerability known as the...

Jan 15, 2024
SPF, DMARC: What is It and Why Do We Need It?
#DMARC #SPF #ASM #whatonyourattacksurface #themoreyouknow When check your domain security, one of the key attributes we look for is your...

Jan 12, 2024
SharePoint Vulnerability Added to CISA KEV List -- Must Patch by Jan 31
#CISA #KEV #ASM #whatsonyourattacksurface Summary Hey cyber heroes! It's been a busy start to the year, and I wanted to share an...

Jan 12, 2024
US HHS Contemplating Levying New Requirements on Healthcare Providers for Cybersecurity
#ASM #whatsonyourattacksurface? Summary Hey cyber heroes, in this video, I discuss an article that highlights how the federal government...


Jan 11, 2024
New Ransomware Attack 'Mimic' Exploits MS-SQL
#ransomware #mimic #ASM Heads up Cyber Heros! A new menace is on the loose, and it goes by the name 'Mimic.' Emerging from the shadows of...

Jan 7, 2024
Hackers Target Apache Servers Vulnerable to RCE Attacks
Quick rundown on remote command execution (RCE) vulnerabilities in two Apache server products: Apache RocketMQ NameServer and Apache ERP....

Jan 5, 2024
SSH Vulnerable to Downgrade Attack
Photo credit: bleeping computer #SSH #ASM #vulnerability #CVE-2023-48795 #CVE-2023-46445 #CVE-2023-46446 In a prior blog, SSHhhh, Hackers...


Jan 4, 2024
Cracking the Code: Unveiling the Five Pillars of Cybersecurity
#MSP #MSSP #Smallbusinesscybersecurity #cybersecurity Ever wandered through the maze of a security conference or managed services...

Dec 31, 2023
SSHhhh, Hackers At Work Here
#Linux #SSH #Hacking #ASM #Pentest #malware #cryptominers We all love to read about sexy exploits that involve zero-days and...


Dec 29, 2023
ASM, CAASM, VM: What is all this Hullabaloo?
#ASM #CAASM #VM Welcome to the ThreatMate Threat Intelligence Blog, abbreviated (TIB) in the spirit of all these acronyms. We thought it...
bottom of page