Kane Pierce’s Post

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/wIMd1y

Look into your environment and check whether these 3 vulnerabilities exist or not. If they do, no matter whether their CVSS score is 1 or 10, or whether severity rating is medium/ low/ High, Patch it right away. Why Patch right away, because attackers are actively exploiting these vulns.

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/dyYKZB

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/DB4V9T

Threat Brief: ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and CVE-2024-1709)

This year, the Expel SOC has already seen 20 severe vulnerabilities identified and exploited. We shine a light on the most dangerous of those vulnerabilities and tell you how to protect your org. https://okt.to/CGiPBh

Please understand, and PAY ATTENTION, this is why we have to pay attention and do something about it... BOD-22-01 BINDING OPERATIONAL DIRECTIVE BIG Difference between , NVD and KEV "The NVD lists all publicly known vulnerabilities with a Common Vulnerabilities and Exposures (CVE) ID assigned. The NVD database currently includes more than 160,000 unique CVEs, and is constantly growing. Each vulnerability is scored based on several factors, including impact and ease of execution. However, the Common Vulnerability Scoring System (CVSS) base score does not account for if the vulnerability is actually being used to attack systems. The experts have observed that attackers do not rely only on “critical” vulnerabilities to achieve their goals; some of the most widespread and devastating attacks have included multiple vulnerabilities rated “high”, “medium”, or even “low”. This methodology, known as “chaining”, uses lower score vulnerabilities to first gain a foothold, then exploit additional vulnerabilities to escalate privilege on an incremental basis." Also, many vulnerabilities classified as “critical” are highly complex and have never been seen exploited in the wild - in fact, less than 4% of the total number of CVEs have been publicly exploited. But threat actors are extremely fast to exploit their vulnerabilities of choice: of those 4% of known exploited CVEs, 42% are being used on day 0 of disclosure; 50% within 2 days; and 75% within 28 days. https://lnkd.in/ezxAX_YW

CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to offer insights into the probability of exploitation and the potential effects of vulnerabilities on your systems. #CVE

The headline is a bit alarmist, but a good time to remind you to: ▶️ review the required patches ▶️ perform your risk assessment ▶️ test your patches in a controlled environment ▶️ then roll out across the network It's important to note that just because a patch is not critical or important doesn't mean that I doesn't need to be installed. Many exploits are chained that take advantage of lower risk vulnerabilities first then escalate the attack. https://lnkd.in/eNve_eF6

📈 With a 30% spike in reported CVEs in the first half of 2024, staying ahead of vulnerabilities is more challenging than ever. Yet, less than 1% of these vulnerabilities are weaponized—these are the most severe and demand swift, efficient responses. Unfortunately, many current remediation processes are slow and inefficient, making quick response times difficult, if not impossible. This small percentage of weaponized CVEs can create significant risk if not addressed promptly. Inefficient remediation workflows often leave organizations exposed longer than necessary, increasing the chances that these dangerous vulnerabilities could be exploited. What’s more alarming? A 10% increase in the weaponization of older CVEs. This underscores a critical point: the vulnerabilities you’re aware of but haven’t addressed are the ones that could come back to haunt you. It’s not enough to focus solely on high-risk vulnerabilities; a comprehensive remediation plan is essential to tackle as many vulnerabilities as possible and minimize exposure. For more insights, check out the full article on Infosecurity Magazine. https://lnkd.in/dqrn96EA