Posts by Pearce Barry

January 14, 2022

Ringing in 2022 with vulns, more vulns, and CISA guidance

Wrapping up 2021 and kicking off 2022, there were no shortages of vulnerabilities, vendor security advisories, patches, and active exploitations. Oh, did we mention, even more vulnerabilities and more patches? To ring in 2022 accordingly, let’s discuss some recent …

Read More

December 10, 2021

Finding applications that use Log4J

Last updated on January 17, 2021 at 16:00 CST (-0600) Rumble can help you build an up-to-date asset inventory and search for assets that may be affected by the recent spate of Log4J vulnerabilities (e.g. Log4shell, etc.). You can then share the results with your security …

Read More

December 8, 2021

Finding Grafana instances

A zero-day vulnerability for Grafana, a popular analytics and visualization software, was leaked this week. This vulnerability provides attackers a path traversal attack vector that can result in data disclosure, resulting in access to files containing confidential …

Read More

December 3, 2021

Finding HP printers and MFPs vulnerable to Printing Shellz

Do you have HP printers and multi-function printers (MFPs)? You might want to look at the two recently published vulnerabilities that affect 150+ models. Named “Printing Shellz” by the F-Secure security researchers who reported them, these vulns have been around for ~8 …

Read More

November 10, 2021

Finding Nucleus TCP/IP assets with accessible FTP services

Researchers at Forescout recently published findings on a new set of 13 vulnerabilities with the Nucleus RTOS TCP/IP stack, collectively referred to as NUCLEUS:13. Originally released in 1993, Nucleus is found in many different types of products, including devices in the …

Read More

November 9, 2021

Tracking asset ownership with tags

Asset discovery is our bread-and-butter at Rumble, allowing us to surface network-connected systems and devices to our users. Once you have an asset inventory, you can track asset ownership with Rumble, which allows you to identify assets that have been orphaned and are no …

Read More

October 28, 2021

Finding PAX point-of-sale devices

PAX Technologies, a China-based company that manufactures a LOT of point-of-sale (POS) terminal devices, has been in the news this week following an FBI raid of a PAX Florida facility. While the FBI didn’t officially confirm much beyond serving a court-authorized search, a …

Read More

October 25, 2021

Finding Cisco devices running IOS XE

Cisco recently disclosed a command execution vulnerability that affects some versions of IOS XE SD-WAN software running on Cisco routing devices and virtual instances. With a CVSSv3 score of 7.8, this vulnerability (assigned CVE-2021-1529) is due to inadequate input …

Read More

October 5, 2021

Finding Apache HTTP Server instances

Update: The 2.4.50 fix was incomplete and we strongly recommend upgrading to 2.4.51 or newer. The Apache Software Foundation recently announced a path traversal vulnerability present in version 2.4.49 of the Apache HTTP Server software. Due to insufficient coverage of …

Read More

September 21, 2021

Finding Hikvision IP cameras and recorders on your network

Newly published security research from Watchful IP reveals an unauthenticated code execution vulnerability (assigned CVE-2021-36260) present in many Hikvision networked video devices. With a “critical” CVSS score of 9.8, this vulnerability affects a long list of Hikvision …

Read More