Grey Noise

Discover how GreyNoise seamlessly integrates robust security with intuitive design, empowering users with user-centric solutions. From clutter-free interfaces to inclusive design philosophy, explore how our commitment to simplicity and accessibility transforms cybersecurity.

Curious about decrypting Fortinet's FortiOS 7.0.x firmware? In the latest Grimoire post, we delve into the technical details of doing just that, revealing a hardcoded key used in the ChaCha20 encryption algorithm and the steps required to extract the decrypted rootfs.gz file.

GreyNoise celebrates reaching its 1,337th tag, attributing its success to the practical use of AI, particularly the creation of Sift. This has led to increased tag creation and expanded coverage of vulnerabilities.

On April 12th, 2024, Palo Alto Networks disclosed CVE-2024-3400, a critical command injection vulnerability in PAN-OS software versions 10.2, 11.0, and 11.1, allowing unauthenticated attackers to run arbitrary code with root privileges on affected firewalls when GlobalProtect gateway and device telemetry are active.

In this post, you'll discover how GreyNoise is reshaping cybersecurity using AI, with initiatives for anomaly discovery and targeted attack identification. Also, get up to speed on our new plug-in for Microsoft Copilot for Security.

Stay informed about a critical remote code execution vulnerability affecting D-Link NAS devices. It is being tracked under CVE-2024-3273 and believed to affect as many as 92,000 devices.

GreyNoise is announcing the launch of NetNoiseCon, an online conference series hosted by GreyNoise aimed at advancing InfoSec education and fostering community collaboration, featuring technical talks and career advice from industry experts.

Welcome to our Monthly Roundup, where we curate a unique mix of articles, books, podcasts, and more that have captured the attention of the GreyNoise team. From deeply technical articles to literary treasures, join us on this eclectic journey through the media that sparks our curiosity each month. Explore + discover as we share the gems that have fueled our inspiration!

Despite rumors to the contrary, CVE-2023-22527 isn’t dead! See what it’s been up to in the weeks since it was all the rage.

This post steps through the process of discovering CVE-2024-21762, a non-disclosed out-of-bounds write vulnerability in Fortinet FortiOS and FortiProxy

This post explores the utility and methodology behind GreyNoise tags, emphasizing their role in analyzing network data from a non-IP-centric perspective to identify patterns, behaviors, and potential threats.

This post introduces GreyNoise Labs' series on BTLE, highlighting its privacy and security implications, as well as the journey from basic usage to sophisticated system development, offering insights for cybersecurity professionals and tech enthusiasts alike.

Welcome to our Monthly Roundup, where we curate a unique mix of articles, books, podcasts, and more that have captured the attention of the GreyNoise team. From deeply technical articles to literary treasures, join us on this eclectic journey through the media that sparks our curiosity each month. Explore + discover as we share the gems that have fueled our inspiration!

In 2021, Ivanti patched a vulnerability that they called “code injection”. Rumors say it was a backdoor in an open source project. Let’s find out what actually happened!

See why Andrew Morris, GreyNoise's founder, is thrilled to step into his dream role as Chief Architect, focusing on technical innovation and AI strategy. With Ash Devata joining as CEO, Andrew is excited to partner with someone known for their customer focus and industry expertise, ensuring GreyNoise continues to thrive in the ever-evolving landscape of cybersecurity.

Discover insights into the drawbacks of a proposed ban on open-source SDR, and explore the argument for enhanced security measures to strike a balance between innovation and safeguarding against vulnerabilities in wireless systems.

Discover how CISA's Ransomware Vulnerability Warning Pilot (RVWP) and GreyNoise tags can bolster your cybersecurity. Learn to utilize actionable intelligence from GreyNoise to combat ransomware threats and protect your organization's technology stack, from collaboration tools to middleware services. Stay ahead of diverse ransomware attacks with our in-depth analysis and strategic defense guidance.

Welcome to our Monthly Roundup, where we curate a unique mix of articles, books, podcasts, and more that have captured the attention of the GreyNoise team. From deeply technical articles to literary treasures, join us on this eclectic journey through the media that sparks our curiosity each month. Explore + discover as we share the gems that have fueled our inspiration!

Discover the key insights from GreyNoise Labs' report on mass exploitation in 2023, including: Observations on attacker tactics and behaviors: the impact of 242 Common Vulnerabilities & Exposures (CVEs); and, the role of nation-state conflicts in the mass exploitation landscape. Learn how GreyNoise's detection network and research contribute to a safer internet.

If you want to know way too much about attacks against F5 BIG-IP devices, then this is the blog for you!