A key cybersecurity tactic that many companies never seem to master is vulnerability management.
The complexity of ecosystems, distant work, and digital revolution are driving the danger landscape’s evolution. A third of the most recent attacks have been centred on the exploitation of flaws in business software.
Several industry sources indicate that every day, roughly 50 new vulnerabilities in various software components are released. These are frequently abused in order to launch fresh attacks. Due to the current environment, organisations must react to risk swiftly and thoroughly.
The Common Vulnerabilities and Exposures (CVE) alert system is used by the cybersecurity sector to notify users of newly discovered software flaws. In effect, this gives IT departments a whack-a-mole method for determining what needs patching.
Actually, the problem lies with patching the vulnerable programme. There is no centralised method for creating patches for known vulnerabilities. Installing software patches is a continuous, unplanned, catch-as-catch-can activity as they are available.
The extent to which open-source code is incorporated into the software supply chain exacerbates this issue. Even products that are proprietary contain open-source code modules since there is no single source of development for them.
Cybersixgill, a provider of cybersecurity threat intelligence, unveiled a novel approach to lowering risk by quickening businesses’ time to act at Black Hat USA last month. It provides what might be the first end-to-end intelligence solution to address the CVE lifecycle in the cybersecurity sector.
According to Gabi Reish, chief business development and product officer for Cybersixgill, “given the high volume of attacks using vulnerability exploitation as the initial means of infiltration, companies require vulnerability management solutions that give them the data and context they need to fully understand where their greatest business risks lie.”
Automation and mapping of adversary approach are provided by the new Dynamic Vulnerability Exploit (DVE) Intelligence platform. To expedite vulnerability investigation, it also makes use of rich vulnerability exploit intelligence.
Cybersixgill discovered a novel method for carrying out this procedure. To snoop on evil folks’ snooping, it delves deeply into their hangouts.
The company’s cyber sleuths use surveillance from the deep and dark web to learn what hackers are planning before they attack. By combining information on asset exposure and impact severity with real-time vulnerability and exploit intelligence, the DVE Intelligence platform improves vulnerability assessment and prioritisation procedures.
According to Cybersixgill, this method provides IT teams with the crucial context necessary to prioritise CVEs in order of urgency and fix vulnerabilities before they may be used as weapons in attacks.
This approach gives conventional cybersecurity platforms a fresh component. Comprehensive context directly related to the likelihood of attack exploitation is provided by DVE Intelligence. IT professionals can therefore prioritise CVEs according to their urgency and fix vulnerabilities before they can be used as weapons in attacks or exploited.
The most frequent attack method used by hackers is vulnerability exploitation, according to IBM’s X-Force Threat Intelligence Index 2022. One of the top five cybersecurity dangers that enterprises currently face is this one.
Organizations must be aware of their vulnerabilities and the level of risk that each one poses in order to prioritise remedial efforts. Additionally, businesses need to be aware of how new apps or hardware investments may be impacted by the danger of any trending vulnerability.
Fending Off Cyberattacks
According to Reish, the main challenges that businesses confront are deciding where to focus and how to react. Potential attackers can create an attack with almost limitless resources from their underground sources.
He told The E-Commerce Times, “We are gathering a lot of data on what are they sharing, what they are attempting to hack, and what malware they are trying to get.”
To use these vulnerabilities as weapons, the bad guys create exploit kits. We believe that there is a significant possibility of being exploited on any given day through vulnerabilities that are revealed on a daily basis based on our regular talks with sources. Reish said that this is when cybersecurity and governance come into play.
Cybersixgill accomplishes this using automated tools they created to gather data from all the many places and settings where threat actors operate and congregate in the seedy areas of the dark web.
The company’s researchers are active in the forums that online criminals create to conduct business with one another and market malware and exploit kits.
They typically don’t create their own ransomware malware. They acquire it. Reish explained that they purchase access to a business as well as malware or ransomware kits to carry out their crimes.