Apple has issued a new round of Rapid Security Response (RSR) updates to address a new zero-day bug exploited in attacks and impacting fully-patched iPhones, Macs, and iPads. […] Read More
BleepingComputer
How IT teams can conduct a vulnerability assessment for third-party applications
Google Chrome, Adobe Acrobat Reader, TeamViewer, you name it—there’s no shortage of third-party apps that IT teams need to constantly check for vulnerabilities. But to get a better picture of the problem, let’s bust out some napkin math.
The average company uses about 200 applications overall. Assuming at least 75% of these have a vulnerability at any given time, small security teams are tasked with finding and prioritizing over 150 vulnerabilities on a rolling basis.
If you’re not using a comprehensive tool like ThreatDown Vulnerability Assessment (free for all ThreatDown users), it’s going to take a solid combo of resourcefulness and patience to do that much vulnerability assessment on your own.
With that in mind, we’ve compiled this list of the five things IT teams need to do in order to find vulnerabilities in their environment.
The crucial first step involves cataloging every application within the IT environment. This foundational task, akin to a thorough inventory check, is essential for identifying potential security issues.
It’s not just about identifying the applications but also understanding their versions.
Why? Because you’re not just looking for vulnerabilities in one version of 7-Zip; to see if you’re truly affected, you’ll need to match your list of applications against vulnerabilities across different versions, such as 3.5 or 3.7.4. And if your organization doesn’t require its workforce to regularly update important software, you might find countless versions of the same app, dating back to your longest-term employees.
Matching the cataloged applications and their versions against entries in Common Vulnerabilities and Exposures (CVE) databases is the next critical step. This process helps in pinpointing specific vulnerabilities applicable to the software in use.
Here’s the play-by-play:
1. Go to https://cve.mitre.org/cve/search_cve_list.html
2. Type in the application you want vulnerability info on in the search bar.
3. Pinpoint whether the vulnerability impacts the specific version of the software that’s present throughout your network.
4. Rinse and repeat.
This type of repetitive, sometimes monotonous work isn’t just about identifying a CVE—it’s also about determining its severity. After identifying potential vulnerabilities, the next challenge is to prioritize them by CVSS and by asking questions that should inform you and your team about the best response. This includes questions like:
Is the vulnerability being actively exploited in the wild?
Is the CVE impacting critical tools or areas?
How important is the affected asset in maintaining operational continuity?
Remember, this is not a one-time task. You don’t just run vulnerability assessment once a year, or even once a month; you should be doing this on a daily basis. Why? Because every day counts. New CVEs are constantly popping into existence left and right, and if you’re not on top of them, you could be the target of an attack.
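The matching and prioritization steps above can be scripted once the inventory exists. The following is an added example, not code from the original article or from ThreatDown: the hosts, versions, scores and placeholder CVE IDs are constructed, and both the "affected below the fixed version" model and the sort order are assumptions.

```python
from dataclasses import dataclass

def parse_version(text):
    """'3.7.4' -> (3, 7, 4); compares numerically and treats 3.8.0 as 3.8."""
    parts = [int(p) for p in text.split(".")]
    while len(parts) > 1 and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

@dataclass
class Advisory:
    cve_id: str      # placeholder ID, not a real CVE
    product: str
    fixed_in: str    # assumption: every version below this one is affected
    cvss: float
    exploited: bool  # reported as exploited in the wild

# Constructed inventory: (host, product, installed version, critical asset?)
INVENTORY = [
    ("hr-laptop-01", "7-zip", "3.5", False),
    ("build-server", "7-zip", "3.7.4", True),
    ("hr-laptop-02", "7-zip", "3.10", False),
    ("build-server", "teamviewer", "15.2", True),
]

# Constructed advisories with placeholder IDs and made-up scores
ADVISORIES = [
    Advisory("CVE-PLACEHOLDER-0001", "7-zip", "3.8", 7.8, False),
    Advisory("CVE-PLACEHOLDER-0002", "teamviewer", "15.3", 6.5, True),
    Advisory("CVE-PLACEHOLDER-0003", "7-zip", "3.6", 9.1, False),
]

def find_exposures(inventory, advisories):
    """Return (host, product, version, critical, advisory) rows, most urgent first."""
    findings = []
    for host, product, version, critical in inventory:
        for adv in advisories:
            if adv.product == product and parse_version(version) < parse_version(adv.fixed_in):
                findings.append((host, product, version, critical, adv))
    # Assumed policy: exploited in the wild, then critical asset, then CVSS score
    findings.sort(key=lambda f: (f[4].exploited, f[3], f[4].cvss), reverse=True)
    return findings

if __name__ == "__main__":
    for host, product, version, _, adv in find_exposures(INVENTORY, ADVISORIES):
        print(f"{adv.cve_id}  cvss={adv.cvss}  exploited={adv.exploited}  {host}  {product} {version}")
```

Comparing versions as tuples matters here: a plain string comparison would rank 3.10 below 3.8 and wrongly flag hr-laptop-02.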
For teams seeking a more streamlined approach, the ThreatDown Vulnerability Assessment tool offers a solution.
To simplify security and reduce costs, Vulnerability Assessment deploys easily in minutes without a reboot, using the same agent and cloud-based console that powers all ThreatDown endpoint security technologies.
Identifies vulnerabilities in modern and legacy applications in less than a minute.
Utilizes the Common Vulnerability Scoring System (CVSS) and Cybersecurity and Infrastructure Security Agency (CISA) recommendations to evaluate and rank vulnerabilities for proper prioritization.
Our Security Advisor tool analyzes an organization’s cybersecurity health—such as by assessment of current inventory and which assets are vulnerable—and generates a score based on what it finds. To improve the endpoint security health score, Security Advisor delivers recommendations to address discovered vulnerabilities: patching, updates, or policy changes.
While manually identifying vulnerabilities in third-party applications is a demanding task, following these structured steps can make the process more manageable. However, for ThreatDown customers, the ThreatDown Vulnerability Assessment tool is a valuable alternative.
The ThreatDown Vulnerability Assessment tool simplifies the process with features like a lightweight agent, quick vulnerability scans, accurate severity ratings based on CVSS and CISA guidelines, and integration with Security Advisor for tailored recommendations.
Try ThreatDown Vulnerability Assessment today.
Interested in adding Patch Management capabilities as well? Check out our Advanced, Ultimate, and Elite Bundles.
Malwarebytes
Google Chrome reduced cookie requests to improve performance
Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. […] Read More
CISA: Netwrix Auditor RCE bug exploited in Truebot malware attacks
CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada. […] Read More
BleepingComputer