{"id":7635,"date":"2020-07-14T04:35:51","date_gmt":"2020-07-14T11:35:51","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?p=7635"},"modified":"2023-07-10T14:36:31","modified_gmt":"2023-07-10T21:36:31","slug":"how-safe-are-your-tech-stacks","status":"publish","type":"post","link":"https:\/\/webdev.securin.xyz\/articles\/how-safe-are-your-tech-stacks\/","title":{"rendered":"How Safe are your Tech Stacks?"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"7635\" class=\"elementor elementor-7635\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-e90d384 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"e90d384\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-4a9781a\" data-id=\"4a9781a\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-4e0e048 elementor-widget elementor-widget-text-editor\" data-id=\"4e0e048\" data-element_type=\"widget\" data-settings=\"{&quot;ekit_we_effect_on&quot;:&quot;none&quot;}\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p dir=\"ltr\"><span style=\"font-size: 18px;\"><span style=\"color: #455aa8;\"><b id=\"docs-internal-guid-a5a6c676-7fff-3b55-f2aa-1b75f7a1ab73\">T<\/b><\/span><span style=\"color: #000000;\">his April, Cognizant fell prey to a nasty ransomware attack whose ripple effect has shaken the world.\u00a0<\/span><\/span><\/p><blockquote><p dir=\"ltr\"><strong><span style=\"font-size: 20px;\">Cognizant has over hundreds of Fortune 500 companies as its customers and this recent attack finds them literally over the barrel, scrambling for cover. The full impact of this attack will be known in the months to come\u2026 though the company expects to lose between $50 Million to $70 Million to cover legal, consulting, security restoration and remediation work.<\/span><\/strong><span style=\"font-size: 16px;\">\u00a0<\/span><\/p><\/blockquote><p dir=\"ltr\">The fact that this ransomware attack happened right after employees started working remotely is significant!<\/p><p dir=\"ltr\">Remote working has become the new normal in the past months and might just be a new working model for many companies in the future.\u00a0<\/p><p dir=\"ltr\">A recent white paper (<a href=\"https:\/\/cybersecurityworks.com\/pdf\/Whitepaper\/CSW-COVID_Risk_Report-Working_Remotely.pdf\" target=\"_blank\" rel=\"noopener\">Cyber Risk in working remotely<\/a>) released by Cyber Security Works paints a disturbing picture of the vulnerabilities that exist in popular tech stacks used today.\u00a0<\/p><p dir=\"ltr\"><big><b id=\"docs-internal-guid-a5a6c676-7fff-3b55-f2aa-1b75f7a1ab73\">Key Findings<\/b><\/big><\/p><p dir=\"ltr\">The report provides an in-depth analysis of popular tech stacks and their inherent vulnerabilities &#8211;\u00a0<\/p><ul dir=\"ltr\"><li role=\"presentation\"><span style=\"font-size: 14px;\">Trends of weaponization of vulnerabilities in tech stacks over the past decade.\u00a0<\/span><\/li><li role=\"presentation\"><span style=\"font-size: 14px;\">Prioritization of vulnerabilities by the weaponization.<\/span><\/li><li role=\"presentation\"><span style=\"font-size: 14px;\">A list of top 3 vulnerabilities in each technology.<\/span><\/li><li role=\"presentation\"><span style=\"font-size: 14px;\">A priority list of CVEs that needs to be fixed first.<\/span><\/li><li role=\"presentation\"><span style=\"font-size: 14px;\">Spotlight on applications that have the maximum number of vulnerabilities.\u00a0<\/span><\/li><\/ul><p dir=\"ltr\"><big><b id=\"docs-internal-guid-a5a6c676-7fff-3b55-f2aa-1b75f7a1ab73\">Vulnerabilities in Tech Stacks<\/b><\/big><\/p><ul><li dir=\"ltr\"><p dir=\"ltr\" role=\"presentation\">We examined an overall <span style=\"color: #b22222;\"><strong>4849<\/strong> <\/span>vulnerabilities in tech stacks (encompassing VPN, Access Service, Database, Web Proxy, Web Gateway, CRM, Business Intelligence, Backup &amp; Storage, Online conference).\u00a0<\/p><\/li><\/ul><p dir=\"ltr\" role=\"presentation\"><img decoding=\"async\" style=\"width: 550px; height: 370px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/img3(1).png\" alt=\"Vulnerabilities prioritization across Enterprise Technologies\" \/><\/p><ul><li dir=\"ltr\"><p dir=\"ltr\" role=\"presentation\">Out of these, over <span style=\"color: #b22222;\"><strong>543<\/strong><\/span> CVEs have been weaponized, and <span style=\"color: #b22222;\"><strong>6<\/strong> <\/span>CVEs are vulnerable to ransomware!<\/p><\/li><li dir=\"ltr\"><p dir=\"ltr\" role=\"presentation\">We found the maximum number of vulnerabilities in Database (<span style=\"color: #b22222;\"><strong>1449<\/strong><\/span>), Online Conference (<span style=\"color: #b22222;\"><strong>877<\/strong><\/span>), and Backup &amp; Storage technologies (<span style=\"color: #b22222;\"><strong>745<\/strong><\/span>).\u00a0<\/p><\/li><\/ul><p dir=\"ltr\" role=\"presentation\"><img decoding=\"async\" style=\"width: 550px; height: 395px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/img1(2).png\" alt=\"Weaponization of CVEs for Enterprise Technologies\" \/><\/p><ul><li dir=\"ltr\"><p dir=\"ltr\" role=\"presentation\">Out of these, remote code execution (RCE) is possible for <span style=\"color: #b22222;\"><strong>45<\/strong> <\/span>vulnerabilities in Backup and Storage technologies and for <span style=\"color: #b22222;\"><strong>25<\/strong> <\/span>vulnerabilities in Database.\u00a0<\/p><\/li><li dir=\"ltr\"><p dir=\"ltr\" role=\"presentation\">A total of <span style=\"color: #b22222;\"><strong>473<\/strong> <\/span>critical vulnerabilities were found among all the technologies that were examined. Of these Online Conference solutions has over <span style=\"color: #b22222;\"><strong>220<\/strong> <\/span>vulnerabilities, followed by Backup &amp; storage which has <span style=\"color: #b22222;\"><strong>108<\/strong> <\/span>vulnerabilities.<\/p><\/li><li dir=\"ltr\"><p dir=\"ltr\" role=\"presentation\">The trend in weaponization also gave many insights. For one thing, the weaponization rates have been increasing considerably since 2015. In 2017, <span style=\"color: #b22222;\"><strong>47<\/strong> <\/span>vulnerabilities became weaponized (out of <span style=\"color: #b22222;\"><strong>803<\/strong> <\/span>CVE in total).\u00a0<\/p><\/li><\/ul><p dir=\"ltr\" role=\"presentation\"><img decoding=\"async\" style=\"width: 550px; height: 352px;\" src=\"https:\/\/cybersecurityworks.com\/howdymanage\/uploads\/image\/img4(1).png\" alt=\"Weaponization of CVEs (2010 -2020)\" \/><\/p><p dir=\"ltr\"><big><b id=\"docs-internal-guid-a5a6c676-7fff-3b55-f2aa-1b75f7a1ab73\">Vulnerabilities undetected by popular scanners<\/b><\/big><\/p><p dir=\"ltr\">Popular scanners like Nessus, Nexpose, and Qualys have missed around <span style=\"color: #b22222;\"><strong>102<\/strong><\/span>, <span style=\"color: #b22222;\"><strong>158<\/strong><\/span>, and <span style=\"color: #b22222;\"><strong>131<\/strong> <\/span>vulnerabilities.<\/p><p dir=\"ltr\">Unique vulnerabilities that can be executed remotely like the below-given list were missed by all three scanners.<\/p><ol dir=\"ltr\"><li role=\"presentation\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-12815#:~:text=CVE%2D2017%2D12815%20Detail&amp;text=Successful%20exploitation%20results%20in%20file,that%20ran%20the%20Java%20applet.\">CVE-2017-12815<\/a><\/strong><\/li><li role=\"presentation\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-18362\">CVE-2017-18362<\/a><\/strong><\/li><li role=\"presentation\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2017-15376#:~:text=CVE%2D2017%2D15376%20Detail&amp;text=The%20TELNET%20service%20in%20Mobatek,commands%20via%20TCP%20port%2023.\">CVE-2017-15376<\/a><\/strong><\/li><li role=\"presentation\"><strong><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2010-3128\">CVE-2010-3128<\/a><\/strong><\/li><\/ol><p dir=\"ltr\" role=\"presentation\">Here is a count of CVEs that were missed by scanners &#8211;<\/p><table style=\"width: 500px;\" border=\"1\" cellspacing=\"2\" cellpadding=\"2\" align=\"center\"><thead><tr><th scope=\"col\">Technology<\/th><th scope=\"col\"><strong>Nessus<\/strong><\/th><th scope=\"col\"><strong>Nexpose<\/strong><\/th><th scope=\"col\"><strong>Qualys<\/strong><\/th><\/tr><\/thead><tbody><tr><td><strong>VPN<\/strong><\/td><td>6<\/td><td>12<\/td><td>8<\/td><\/tr><tr><td><strong>RAS<\/strong><\/td><td>5<\/td><td>8<\/td><td>5<\/td><\/tr><tr><td><strong>Database<\/strong><\/td><td>23<\/td><td>49<\/td><td>32<\/td><\/tr><tr><td><strong>Web Proxy<\/strong><\/td><td>2<\/td><td>5<\/td><td>3<\/td><\/tr><tr><td><strong>Web Gateway<\/strong><\/td><td>1<\/td><td>12<\/td><td>3<\/td><\/tr><tr><td><strong>CRM<\/strong><\/td><td>5<\/td><td>6<\/td><td>5<\/td><\/tr><tr><td><strong>BI<\/strong><\/td><td>4<\/td><td>2<\/td><td>5<\/td><\/tr><tr><td><strong>Backup &amp; Data Storage<\/strong><\/td><td>44<\/td><td>46<\/td><td>33<\/td><\/tr><tr><td><strong>Online Conference<\/strong><\/td><td>10<\/td><td>22<\/td><td>8<\/td><\/tr><tr><td><strong>Total<\/strong><\/td><td><strong>100<\/strong><\/td><td><strong>162<\/strong><\/td><td><strong>102<\/strong><\/td><\/tr><\/tbody><\/table><p>Threat actors have always exploited the inherent vulnerabilities in a software program. A weak code is all that is needed for them to penetrate and steal data. The current circumstances present prime opportunities for them to breach security and spread mayhem. Tech giants like Cognizant have already taken a hit and more will follow in the months to come &#8211; if these vulnerabilities are not fixed.<\/p><p dir=\"ltr\">The only way forward in the present situation is to understand the threat and not confuse the lack of weaponization of vulnerability with safety and be complacent about it. <big><span style=\"font-size: 16px;\"><small>\u00a0<\/small><\/span><\/big><\/p><blockquote><p><span style=\"font-size: 18px;\">Click here to download the white paper <strong><u><span style=\"color: #000119;\"><a href=\"https:\/\/cybersecurityworks.com\/pdf\/Whitepaper\/CSW-COVID_Risk_Report-Working_Remotely.pdf\" target=\"_blank\" rel=\"noopener\">Cyber Risk in Working Remotely<\/a><\/span><\/u><\/strong><\/span><\/p><\/blockquote>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>This April, Cognizant fell prey to a nasty ransomware attack whose ripple effect has shaken the world.\u00a0How safe is your tech stack? Let&#8217;s take a look.<\/p>\n","protected":false},"author":1,"featured_media":7636,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[80,109],"tags":[308,314,313,312,309,315,91,141,307,106,311,310,140],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/7635"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/comments?post=7635"}],"version-history":[{"count":9,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/7635\/revisions"}],"predecessor-version":[{"id":18754,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/posts\/7635\/revisions\/18754"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/7636"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=7635"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/categories?post=7635"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/tags?post=7635"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}