FOSSA’s Post

CISA's Known Exploited Vulnerabilities (KEV) catalog is a solid and rigorous publication for #ThreatIntelligence, however it can take months for the list to be updated with security flaws that threaten your organization NOW. Even #CISA recommends organization use multiple sources of information to analyze threats. The problem? Threat Intelligence isn't intelligence at all until it is contextualized. CTIQ meticulously scrutinizes threat information for relevance to your threat landscape, and provides meaningful, actionable intelligence in a streamlined remediation playbook. #threatintel #CISOlife https://lnkd.in/e_xxRQUK

TIL: Checking for CISA Known Exploited Vulnerabilities on a budget! One thing organizations face is making the right risk priority decisions for fixing vulnerabilities. You don't want to waist your developers time with things that are not a problem anyway. CISA has created a list of CVE that are know to be exploited in the wild. Its know as the CISA KEV. This is list is also followed by a operational directive for Federal organisations in the US that require them to fix these known exploitable vulnerabilities. I'm often looking how to use the OSS tooling that is available to secure things more. As we are all facing the cost question. Grype by Anchor is a well known vulnerability scanner in OSS and it output can be well easily combined with the provided list from CISA. I found this article by Anchor that easily explains how to use it. Give it a try and make your pipelines blocking at the very least for these Known Exploited Vulnerabilities! https://lnkd.in/gRjCmQkt #cybersecuritytips #supplychainsecurity #containersecurity #itsecurity #cisa #kev

Fast action is essential for protection against exploits. In Q1 of 2024, CISA cataloged 40 new Known Exploited Vulnerabilities. Discover if your vendors are on the list and how to take action🔒 Read more: https://bit.ly/43PTf9F

Do you know which 3rd party applications and vendors may be posing the most risk for your organization? Take a look at this insightful analysis from Sarah Gray on the 40 new exploited vulnerabilities from last quarter. Rapid remediation of these vulnerabilities through autonomous patching is key to continuously managing threat exposure levels. Schedule a demo or join a Patch Preview seasion on our website to discover how Adaptiva can help.

Which vulnerabities have been exploited? Check out CISA's strategy. "The purpose of CISA's KEV is (Known Exploited Vulnerabilities) simple: while focusing on vulnerabilities that have been exploited isn’t sufficient, it’s absolutely necessary – so let’s start there."

Great TechTarget article on Patrick Garrity 👾🛹💙's research here at VulnCheck where the highlight is that basically 93% of all vulnerabilities have not been analyzed by the NVD team. VulnCheck solves this problem for any cyber product/platform, or any enterprise team's workflows that rely on this data. Check out this article but just hit vulncheck.com to register for our Community Tier for stable, reliable NVD data and our VulnCheck KEV feed featuring over 100% more known exploited vulnerabilities. https://lnkd.in/eXXVWdt3

This article highlights the critical need for companies to diversify their threat intelligence sources. In today's rapidly evolving threat landscape, relying solely on the KEV list for vulnerability management programs will not be sufficient. What additional sources of threat intelligence do you currently leverage to stay ahead of emerging cybersecurity threats? #Cybersecurity #ThreatIntelligence

CISA's Known Exploited Vulnerabilities catalog shouldn't be your only source of threat intelligence. @RobLemos digs into why. Exploited Vulnerabilities Can Take Months to Make KEV List https://lnkd.in/duxSVXVB #DRTheEdge

On March 8, QNAP published a security advisory detailing a critical vulnerability affecting multiple QNAP products, CVE-2024-21899 (CVSS: 9.8). It allows an unauthenticated threat actor to remotely compromise the security of the system via the network due to improper authentication mechanisms in low complexity attacks. Furthermore, the advisory disclosed two other vulnerabilities, CVE-2024-21900 and CVE-2024-21901, which are command and SQL injection based. These vulnerabilities require threat actors to be authenticated on the target system, thus significantly reducing their risk. Learn more, including our recommendations for remediation, in our latest security bulletin. #EndCyberRisk

On March 8, QNAP published a security advisory detailing a critical vulnerability affecting multiple QNAP products, CVE-2024-21899 (CVSS: 9.8). It allows an unauthenticated threat actor to remotely compromise the security of the system via the network due to improper authentication mechanisms in low complexity attacks. Furthermore, the advisory disclosed two other vulnerabilities, CVE-2024-21900 and CVE-2024-21901, which are command and SQL injection based. These vulnerabilities require threat actors to be authenticated on the target system, thus significantly reducing their risk. Learn more, including our recommendations for remediation, in our latest security bulletin. #EndCyberRisk