Key Points
Welcome to issue #5 of The Vulnerabulletin - your one-stop-shop for industry news, Intruder updates and memes doing the rounds on our Slack channels. This month, we’re tackling the 'middle child' syndrome - exploring the challenges facing midmarket security teams. We also dive into why aspects of your attack surface might be unnecessarily internet-facing and how to reduce exposure before the next zero-day hits. Finally, we’ve curated a list of 19 industry voices actually worth your attention.
Midmarket security teams are under strain 💔
Is confidence in your security posture based on operational reality - or distance from it?
We asked 500+ senior security decision-makers how confident they are in their ability to identify and remediate critical threats, and whilst 65% of C-level execs said "very confident", at middle management level that drops to 36%.
Our new report unpacks this confidence gap and the wider reality of mid-market security - from digital estate growth and tech stack complexity, to resourcing and board conversations. Read our deep-dive into the struggle for those orgs with growing attack surfaces but lean teams doing the heavy lifting.

Is your attack surface chronically online? 👀
If a vulnerable service isn't reachable from the internet in the first place, you buy yourself more time - and with attackers often exploiting critical vulnerabilities within 24-48 hours of disclosure, that time is crucial.
ToolShell made this painfully clear last year when thousands of SharePoint instances were publicly accessible despite having no reason to be internet-facing.
Intruder's Head of Security Dan Andrew explains below why attack surface reduction is your first line of defence, and how reducing unnecessary exposure ahead of time means you're not racing the clock when the next zero-day hits.

Who's who in the cybersec industry? ✨
In an age where anyone can voice their opinions and predictions online, it can be difficult to know who’s actually worth following in cybersecurity.
We pulled together 19 security leaders we think are worth keeping an eye on - the people sharing real-world lessons directly from the job including incidents, vulnerabilities and the day-to-day reality of running security teams.
Read our list to see which 19 voices we keep coming back to, and why.

The Vulnerabulletin Board 📌
What our security team has been reading (and meme-ing) this month...
📱 US contractor likely built hacking tool used by Russia (TechCrunch) - the creation of an advanced hacking toolkit, used by Russian spies to hack iPhones in Ukraine, has been traced back to a US military contractor.
🤖 Hacking McKinsey's internal AI platform (CodeWall) - a deep dive into how one team got full read and write access to McKinsey's AI platform's entire production database with nothing but a domain name and 2 hours.
🔑 Claude's innocent prompt became an exploit opportunity (Truffle Security) - when AI agents were given a simple research task on cloned corporate websites, they soon autonomously discovered and exploited vulns to get the task done.
🏆 Our meme of the month:

What's new in Intruder 💡
💬 GregAI now remembers your conversations - Tired of re-explaining problems every time you close the chat window? GregAI now has persistent chat history, so you can pick up conversations exactly where you left off and switch contexts without losing your thread. More time fixing issues, less repetition.