Defence
Working out what exploits to care about is a tough job, kill chains, availability of exploits, complexity, data flows, controls etc. all play a part in understanding a vulnerability and how it affects your organisational risk. To support this effort I’ve started to compile a list of public exploits against CISA Known Exploited Vulnerabilities (KEV). This may be useful for defensive and offensive security pros.
Read more “Offensive KEV Alpha 0.1”
Defence
Spotted on twitter (thanks Danny!):
already ahead of u
— MrR3b00t | #StandWithUkraine #DefendAsOne (@UK_Daniel_Card) June 9, 2022you know that all the infosec pros have to read every one…. well ones relvent to their environment/scope….
x pic.twitter.com/AnMqiLjNvB
CISA updates the known exploited vulnerabilities list (KEV) yesterday with another 38 updates!
That means an update is required for OFFESNIVE KEV!
Read more “Offensive KEV Updates! CISA releases 38 more CVEs to KEV”