On 12th May 2020, CISA released a nice article on the 10 vulnerabilities that were most exploited from 2016 to 2019. Here is the original article.
In the following post, we will show you how effective and straight-to-the-point vFeed indicators can be when it comes to immediately tackling all facets of a critical vulnerability. Patches, scanning signatures, detection rules, open standards identifiers and exploitation proofs of concept can be leveraged by diverse IT actors to align with their business requirements & objectives.
Let's take 3 examples and see what indicators we add on top. (If you need more examples, do not hesitate to contact us for demo access and get data to play with.)
CVE-2017-11882 Review by CISA
- Vulnerable Products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016 Products
- Associated Malware: Loki, FormBook, Pony/FAREIT
- Mitigation: Update affected Microsoft products with the latest security patches
- More Detail: https://nvd.nist.gov/vuln/detail/CVE-2017-11882
- IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133e
CVE-2017-11882 Indicators by vFeed, Inc.
CVE-2018-4878 Review by CISA
- Vulnerable Products: Adobe Flash Player before 28.0.0.161
- Associated Malware: DOGCALL
- Mitigation: Update Adobe Flash Player installation to the latest version
- More Detail: https://nvd.nist.gov/vuln/detail/CVE-2018-4878
- IOCs: https://www.us-cert.gov/ncas/analysis-reports/ar20-133d
CVE-2018-4878 Indicators by vFeed, Inc.
CVE-2019-0604 Review by CISA
- Vulnerable Products: Microsoft SharePoint
- Associated Malware: China Chopper
- Mitigation: Update affected Microsoft products with the latest security patches
- More Detail: https://nvd.nist.gov/vuln/detail/CVE-2019-0604
CVE-2019-0604 Indicators by vFeed, Inc.
In conclusion, vFeed Vulnerability Intelligence is suitable for Vulnerability Management, Patch Management, Intelligence Service departments, SOC departments, CERT/CSIRT teams, DFIR teams and more. vFeed data covers all interests, and every single team in a company can benefit from it. Moreover, it is very easy to deploy & ingest.