this post was submitted on 21 Oct 2024
64 points (100.0% liked)

Cybersecurity

5683 readers
38 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
 

So my company is investigating whether it's worth it to use ThreatDown (the corporate version of Malwarebytes) for endpoint-protection.

However, recently (October 9th) a critical vulnerability in Firefox was reported by Mozilla: CVE-2024-9680.

The "strange" thing is that there was no mention of this vulnerability in ThreatDown when I checked after the weekend (October 14th):

(screenshot shows issues that ThreatDown did find, sorted from worst to least bad.

Even though the version of Firefox did contain the vulnerability:

And Locize did run several scans on this endpoint in the mean time:

We contacted ThreatDown about this and the next day the vulnerability suddenly shows up in ThreatDown:

To me it feels like we had to notify ThreatDown about the vulnerability, instead of them notifying us, which is the exact opposite of what we are paying them for, right?

Is this a strange conclusion? What is your experience with them? Any other comments/ideas/things we are missing?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 6 points 3 weeks ago

Typical of this kind of service. Only as fast as their interns reading RSS feeds and adding them to vuln definitions db.