Black Kite’s Post

CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to offer insights into the probability of exploitation and the potential effects of vulnerabilities on your systems. #CVE

The headline is a bit alarmist, but a good time to remind you to: ▶️ review the required patches ▶️ perform your risk assessment ▶️ test your patches in a controlled environment ▶️ then roll out across the network It's important to note that just because a patch is not critical or important doesn't mean that I doesn't need to be installed. Many exploits are chained that take advantage of lower risk vulnerabilities first then escalate the attack. https://lnkd.in/eNve_eF6

CVE count set to rise by 25% in 2024 The report from Coalition indicates an anticipated 25% rise in the total count of published common vulnerabilities and exposures (CVEs) for 2024, reaching 34,888 vulnerabilities, equivalent to approximately 2,900 per month

In case you are wondering why vulnerabilities are slow to show up in your monthly scan results...

Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/dyYKZB

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/wIMd1y

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/CGiPBh

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/DB4V9T

CVE_Prioritizer is a powerful tool that helps you prioritize vulnerability patching by combining CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. It provides valuable insights into the likelihood of exploitation and the potential impact of vulnerabilities on your information system. https://lnkd.in/gvAVm4Pg #informationsecurity #github #cve #cisa