Annnd summer is officially under way. We all love the sunshine, I’m guessing, but vacation time means it’s easier to miss things at work. On the off chance you’ve been paying more attention to the nice weather than work things, here’s a quick refresh of what’s been happening at Expel.
- MOVEit Transfer exploited vulnerability
- Fortigate remote code execution vulnerability
- Risk-based prioritization is the key to your vulnerability management challenges
- Threat hunting complements MDR for a stronger defensive strategy
New Expel Workbench integrations help defend against identity threats
Embracing unconventional collaboration
We had a couple of notable alert bulletins in June. In both cases, we laid out the details around what happened and why it mattered, explained the steps we took, and provided relevant advice on customer next steps. If you missed these items, please read the posts right away.
- MOVEit Transfer exploited vulnerability: “If an attacker successfully exploits this vulnerability, they could gain access to an organization’s network and begin exfiltrating data and deploying ransomware. Via a SQL injection vulnerability in the MOVEit Transfer web application, an un-authenticated attacker could gain unauthorized access to MOVEit Transfer’s database, allowing the attacker to modify or access database elements.”
- Fortigate remote code execution vulnerability: “Recently, the United States federal government, Microsoft, and Mandiant warned that Chinese state actors have exploited Fortigate vulnerabilities. Firewalls can be harder to defend because they have to be exposed to the internet, and the organizations that use them can’t install endpoint detection and response (EDR) agents on them, limiting visibility for defenders.”
- According to a 2021 Joint Cybersecurity Advisory cosponsored by (among others) the FBI, the NSA, and CISA, unpatched software is one of the top three access routes for hackers. Of course, more than 26,000 software security flaws were reported last year alone, and better than 11% of them have a critical score. You can’t do them all, so how can you possibly know which to do first? Good question. The good answer: risk-based prioritization is the key to your vulnerability management challenges.
- We know threat hunting is great. We know MDR is great. But do we know how well they work together? (Hint: yes we do.) The “Chrome 78” case illustrates. It’s even kinda fun.
Our latest integrations with 1Password, Snowflake, Auth0, and CrowdStrike Falcon Identity Protection help protect against identity threats.
Casey Ellis, Founder, Chairman, and CTO of Bugcrowd, joins us to walk through his journey from hacking to entrepreneurship, how he’s worked to win over the notoriously skeptical researcher community, and the difference between risk and security and why it matters.
Thanks for reading! Connect with us on LinkedIn and Twitter.