this post was submitted on 21 Oct 2024
63 points (100.0% liked)


So my company is investigating whether it's worth it to use ThreatDown (the corporate version of Malwarebytes) for endpoint protection.

However, recently (October 9th) a critical vulnerability in Firefox was reported by Mozilla: CVE-2024-9680.

The "strange" thing is that there was no mention of this vulnerability in ThreatDown when I checked after the weekend (October 14th):

(Screenshot shows issues that ThreatDown did find, sorted from worst to least bad.)

Even though the version of Firefox did contain the vulnerability:

And Locize did run several scans on this endpoint in the meantime:

We contacted ThreatDown about this and the next day the vulnerability suddenly shows up in ThreatDown:

To me it feels like we had to notify ThreatDown about the vulnerability, instead of them notifying us, which is the exact opposite of what we are paying them for, right?

Is this a strange conclusion? What is your experience with them? Any other comments/ideas/things we are missing?

magikmw@lemm.ee 7 points 3 weeks ago

Typical of this kind of service. Only as fast as their interns reading RSS feeds and adding them to vuln definitions db.