Another day, another false positive reported to Tenable... There has got to be a much easier to grab multiple Scan DB files from multiple effected assets. Takes too long to grab just 3 files. I should be able to grab multiple databases at once.
Juniper has released software updates to address vulnerabilities in its SRX and EX Series devices. The vulnerabilities are CVE-2024-21619 and CVE-2024-21620, and exist in the J-Web management interface. When exploited, it can allow an attacker to take control of the device. Administrators are advised to patch ASAP.
Fortra is warning of a new vulnerability in GoAnywhere MFT. The vulnerability is tracked as CVE-2024-0204, and when exploited, can allow an unauthorized user to create admin users. The vulnerability affects MFT 6.x and 7.4.0 and earlier. Administrators are advised to patch ASAP.
Citrix is warning of active exploitation of two zero-day vulnerabilities in its Netscaler ADC and Gateway appliances. The vulnerabilities are tracked as CVE-2023-6548 and CVE-2023-6549, and when exploited, can lead to remote code execution and denial of service. Administrators are advised to not expose management interface to the Internet, and patch ASAP.
curl is now a CVE Numbering Authority (CNA) assigning CVE IDs for all for all products made and managed by the curl project. This includes curl, libcurl, and trurl.
Security researchers have revealed two vulnerabilities POST SMTP Mailer WordPress plugin. The more severe vulnerability is tracked as CVE-2023-6875, and when exploited, allows an attacker to take control of the Wordpress installation. Administrators are advised to patch ASAP.
Fortinet has released software updates to FortiSIEM that addresses a command injection vulnerability. The vulnerability is tracked as CVE-2023-36553, and may allow a remote unauthenticated attacker to execute commands. FortiSIEM 4.7 to 5.4 are affected. Administrators are advised to upgrade ASAP to a fixed version.
New on the CVE Blog:
“CVE Records Keep Getting Better and Better”
An introduction to the new #CVE Record format with a real-world example + how this new structured format benefits the worldwide #VulnerabilityManagement community.
Mozilla released software patches today to fix a zero-day vulnerability in Firefox and Thunderbird being exploited in the wild. The vulnerability is tracked as CVE-2023-4863, and exists in the WebP image processing library. Exploiting the vulnerability can lead to arbitrary code execution. Users are advised to apply the patches ASAP.
Hi! We have another Community Video :) In this one Joseph Lee from the Greenbone Community demonstrates how to do a quick first scan using the scan wizard to scan a local network IP and go over basic scan report formatting and other features.
For two decades, I've heard security professionals urging organizations to "just patch your stuff" as though they don't already know that and/or it's as simple as saying those words. This is where real data and "thought leaders" differ. The data acknowledges that things aren’t so simple in the real world because vulnerability remediation is a moving target (new vulns are found as old ones are fixed).
We measured the remediation capacity of hundreds of organizations over a 12-month period. To do this, we calculated the total number of open (unremediated) vulnerabilities in the environment and the total number closed each month. We then averaged that over the active timeframe to get a monthly open-to-closed ratio for each organization and created a log-log regression model. The results are recorded in the figure below, where each organization is plotted along the grid. And those results are INSANE!
The R2 statistic for this log-log regression model is 0 .93, meaning that it’s very strong and captures most of the variability around vulnerability closure rates. You can see this visually in the figure because all the points—which represent the remediation capacity for each firm—fit tightly along the regression line.
Strong models are great, but there’s something else we learned that’s greater still. Notice first that each axis is presented on a log scale, increasing by multiples of 10. Now, follow the regression line from the bottom left to upper right . See how every tenfold increase in open vulnerabilities is met with a roughly tenfold increase in closed vulnerabilities?
That, in a nutshell, is why it feels like your vulnerability management program always struggles to keep up. And why "just patch it, stupid" is ignorant and unhelpful advice. A typical organization will have the capacity to remediate about one out of every 10 vulnerabilities in their environment within a given month. That seems to hold true for firms large, small, and anywhere in between.
So is there no hope? Are vulnerability management programs destined to slowly drown in a quagmire of their own making? No! We did observe organizations that managed to drive down risky vulns in their environment over time...but that's another story for another post. Follow / stay tuned for their secret (hint: it doesn't require buying a product).
Did you know that following the advice of several security standards to remediate all vulnerabilities with a CVSS score of 7 or above would barely address half of those known to be exploited and almost 70% of that effort would be wasted on things that don't represent real risk right now?
Seem impossible to believe? Check our math in Prioritization to Prediction, Volume 1: https://lnkd.in/eyKzzX25
Coverage measures the completeness of remediation. Of all vulnerabilities that should be remediated, what percentage was correctly identified for remediation?
Efficiency measures the precision of remediation. Of all vulnerabilities identified for remediation, what percentage should have been remediated?
@VitorHSSousa and myself have developed a #nmap service probe to identify whether a service on port 1801 is #MSMQ.
I've just published it on the URL below. We can't guarantee this will successfully detect every version, but we've tested with a few Windows Server and non-server versions and it seems to work across at least recent ones.
We hope this helps defenders identify exposed MSMQ so they can mitigate the risk from #QueueJumper.