this post was submitted on 21 Oct 2024
62 points (100.0% liked)

Cybersecurity

5683 readers
11 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 1 year ago
MODERATORS
 

So my company is investigating whether it's worth it to use ThreatDown (the corporate version of Malwarebytes) for endpoint-protection.

However, recently (October 9th) a critical vulnerability in Firefox was reported by Mozilla: CVE-2024-9680.

The "strange" thing is that there was no mention of this vulnerability in ThreatDown when I checked after the weekend (October 14th):

(screenshot shows issues that ThreatDown did find, sorted from worst to least bad.

Even though the version of Firefox did contain the vulnerability:

And Locize did run several scans on this endpoint in the mean time:

We contacted ThreatDown about this and the next day the vulnerability suddenly shows up in ThreatDown:

To me it feels like we had to notify ThreatDown about the vulnerability, instead of them notifying us, which is the exact opposite of what we are paying them for, right?

Is this a strange conclusion? What is your experience with them? Any other comments/ideas/things we are missing?

top 1 comments
sorted by: hot top controversial new old
[–] magikmw@lemm.ee 7 points 3 weeks ago

Typical of this kind of service. Only as fast as their interns reading RSS feeds and adding them to vuln definitions db.