MergeBase’s Post

Super interesting when a flaw quietly exists in software for more than 10 years, but I'm glad it was caught and patched. I threw together a script to identify and validate CVE-2024-36416, which I was issued the other week. The affected product is SuiteCRM. This is an open-source customer relationship management application available to everyone. Vulnerability research is imperative for code that is open to the public, and for this matter any product that has code. The script can be found on my GitHub https://lnkd.in/gT5gsfQp. #vulnerability #cve #security #patch

Managing vulnerabilities is a never-ending battle, but it's essential for keeping your enterprise secure. 🚨 In our latest blog, Dustin S. Mooney dives into the Harden phase of the Harden, Detect, and Respond process, shedding light on the continuous challenges and critical steps for effective vulnerability management. Key Takeaways: - Vulnerability management is a continuous, unique process for every enterprise. - It demands dedicated staff, intimate software knowledge, and can impact production systems. - The recent delays in the National Vulnerability Database highlight the need for alternative sources. Discover actionable strategies to strengthen your vulnerability management efforts and safeguard your organization. 🔐 Check out the full blog now! 👇 #CyberSecurity #VulnerabilityManagement #Infosec #CyberAware #EnterpriseSecurity

Many organizations scrambled today to address the newly discovered "XZ Backdoor" (CVE-2024-3094), which was maliciously inserted into an open-source library commonly used in many environments. This incident highlights the critical need for true software analysis – understanding exactly what's in your software, how it's used, and why. The good news? Mend.io's container reachability goes beyond simple dependency scanning. It reveals whether a library is actively used and shows the precise execution path within the filesystem. This granular insight empowers you to assess your true risk and prioritize vulnerabilities with laser focus. #DevSecOps #appsec #codeanalysis Mend.io | Atom Security (Acquired by Mend.io)

Remember the scramble to patch the malicious "XZ Backdoor" hidden in a popular open-source library? This highlights why traditional security tools just aren't enough. You need to truly understand your code: what's inside, how it's used, and why. Here's the good news: Mend.io goes beyond basic dependency scanning. We reveal if a library is actively used and show exactly how it's accessed in your code. This granular insight lets you prioritize vulnerabilities with laser focus and minimize risk. Want to see how Mend.io can help you secure your code? Let's chat! Reach out to me for a personalized demo. #DevSecOps #appsec #codeanalysis

Last Friday was my last day of running the operations at CYDEF (something I had been doing "temporarily" since 2019). So I thought I would reflect on some highlights I've seen (directly or with my team): Most dangerous attack: FTP server exploit dropping Cobalt strike with actions on keyboard by attackers (don't deploy Internet facing software as domain admin folks). Most FAFO: Redline infection not remediated because the customer wanted to keep using the pirated software. The mimikatz drop and lateral movement came a month later. Most dangerous behaviour : Downloading and running pirated software (infections are numerous and very severe). Most "what were you thinking" : After having been notified numerous times not to set their admin password to something very weak, the culprit create a user giraffe and added it to the admin group to set the weak password (we saw it anyway). Funniest office porn watched (name) : Big honkers drives me bonkers (There was a number indicating it was a series, but I don't remember). Most cryptic response from a customer : "Mfundo !!!" (it was the name of the user, but we had no context at the time and had the opportunity to develop a rich mythology around it). As a closing note, I think the biggest lesson from CYDEF operations is that, if you get good at detecting Redline/Racoon/etc. and Emotet, you don't need to work at remediating Conti or Lockbit. This is the secret of the excellent track record we had for the time I was temporarily in charge.

Flexera’s March Software Vulnerability Report is now available, and here are some key takeaways: - #NVDChallenges: The vulnerability community is abuzz with concerns over potential delays in vulnerability analysis at NVD - 1,073 total advisories this month, marking an increase from the last record of 1,055 and a 44% surge compared to Q1 2023 - Critical alerts: We've flagged 2 extremely critical advisories this month, doubling from last month's count 𝗗𝗼𝘄𝗻𝗹𝗼𝗮𝗱 𝗥𝗲𝗽𝗼𝗿𝘁 𝗡𝗼𝘄: https://lnkd.in/g2QpEKQv

Flexera’s March Software Vulnerability Report is now available, and here are some key takeaways: - #NVDChallenges: The vulnerability community is abuzz with concerns over potential delays in vulnerability analysis at NVD - 1,073 total advisories this month, marking an increase from the last record of 1,055 and a 44% surge compared to Q1 2023 - Critical alerts: We've flagged 2 extremely critical advisories this month, doubling from last month's count 𝗗𝗼𝘄𝗻𝗹𝗼𝗮𝗱 𝗥𝗲𝗽𝗼𝗿𝘁 𝗡𝗼𝘄: https://lnkd.in/g2QpEKQv

"WE LUCKED OUT" This is what we heard in a recent call in regard to a security vulnerability caused by the client's unsupported software. In the digital realm, danger lurks in every corner. We've seen it firsthand. Too many folks chat with us after disaster strikes, wishing they'd put security first. Don't be that person. The Open Source Community, a beacon of adaptability, brilliance, and might, is not invulnerable to the schemes of digital villains. Whether HeroDevs shields your legacy software or you're sailing with the latest updates, never forget: You're the frontline guardian of your data, your team, and your enterprise. Armor up, stay alert.

CrushFTP File Transfer Vulnerability Lets Attackers Download System Files: CrushFTP is urging customers to download v11 of its file transfer platform, with attackers actively exploiting a vulnerability that allows them to download system files

POV: CISOs celebrating how much budget they have left after saving on #CVE management costs 🍻💰 When you #RunWithRapidFort, we'll rescue your wallet AND your dev team by remediating up to 95% of your software vulnerabilities automatically - with no code change. Check out our ROI calculator to see how you can save on vulnerability management costs! Don't wait to #FortifyTheFuture. Calculate your ROI today: https://bit.ly/3teXsWF #FortifytheFuture #SoftwareSecurity