Weekly Intelligence
cyber-security-exim-vulnerability

July 20th Weekly Attack Surface Attribution Intelligence

Overview

This week there were six (6) distinct vulnerabilities, affecting nine (9) products, being discussed across the dark web. Researching these vulnerabilities against the techniques found in Mitre’s ATT&CK framework did not identify any findings to known cyber threat actors.

These vulnerabilities impact over 2,600 active instances of deployed technology across the global internet. At the time of our research, the majority of affected vulnerable infrastructure are located in the United States, China and Indonesia.

Details

Our data science team researched these six vulnerabilities against the techniques found in Mitre’s ATT&CK framework did not identify any findings to known cyber threat actors.

The primary vendors of interest across the dark web was Apache, Comtrend, F5, Microsoft and SAP. F5 and SAP have both recently had significant vulnerabilities disclosed and discussed frequently in the news due to the impact of the vulnerability in question and the remote code execution threat.

A survey of global internet infrastructure identified over 2,600 active instances of deployed infrastructure that are potentially susceptible to this week’s vulnerabilities.

The majority of these vulnerabilities can be found in the United States, China and Indonesia.

About Cybeta

Cybeta is a cybersecurity data science firm focused on developing advanced analytics for early indications and warning of potential or emerging cyber-attacks. Our flagship product, Threat Beta, has been independently verified and validated to provide accurate forecasting of future breach exposure.

Cybeta works with various data providers as well as through our own deployment of network sensors to provide a continuous stream of near-real time data for our analytics and prediction engine. By providing corporate executives and government officials with advanced insights into future attack potential, we are enabling organizations to make the shift towards an active defense cybersecurity strategy.

About Our Newsletter

In an effort to further our mission of enabling organizations to take on an active defense cybersecurity strategy, our newsletter is the result of our analytic work which culls through dark web forums; collects, aggregates and analyzes internet infrastructure data, vulnerabilities, weaknesses and exploits deployed around the world.

Each week our newsletter will present our findings of which vulnerabilities and exploits were being discussed by hackers, nation states, cyber criminals and information security researchers across the dark web. We map this data to the tactics, techniques and procedures (TTPs) we see in the Mitre ATT&CK framework datasets. 

Where and when it is available, we will also present where we have uncovered these specific vulnerabilities, while not drawing attention to the specific organization owning the vulnerable infrastructure.