Page 80 - Cyber Defense eMagazine August 2024
Despite its potential for widespread impact, the complexity of exploiting regreSSHion and the availability
of mitigations reduce the immediate risk. Organizations are advised to patch critical assets, prioritizing
internet-facing SSH servers.
Analyzing a risk by understanding its criticality factors (pre-auth, default config, exploitability, popularity,
etc.) is a very efficient way to tackle a “new critical vulnerability” incident, just as we broke down
the EternalBlue and regreSSHion cases into their criticality factors.
Beyond analyzing the criticality and regular patching, a structured response to critical vulnerabilities is
essential too. First, identify all affected assets to prioritize efforts, focusing on internet-facing and
business-critical assets first. Then, automate patching where possible to ensure swift and effective
remediation. Remember, the goal is to avoid panic, assess criticality accurately, and act decisively to
protect your organization!
We have broken down RCE vulnerabilities into their criticality factors to provide a framework for
assessing their severity. By examining case studies like EternalBlue and regreSSHion, we have
highlighted what makes certain vulnerabilities more dangerous than others. The key takeaway is to stay
informed, analyze risks carefully, and prioritize actions to maintain a robust security posture.
About the Author
Jonathan Jacobi is part of the CTO office at cybersecurity startup Dazz. He
focuses on product development and innovation within the company. Coming
from a wide background in the cybersecurity field, Jonathan started his college
degree in computer science as a 13-year-old, worked as a Vulnerability
Researcher at Check Point Research, and was the youngest Microsoft
employee as part of Microsoft’s MSRC.
In his military service, Jonathan served in the Elite Israeli Cyber & Intelligence
Unit, 8200, in various security research and leadership positions.
Jonathan’s hands-on experience ranges from real-world security research and
finding 0-day vulnerabilities to speaking at world-renowned events like TEDx
and CCC (Chaos Communication Congress). He is also a Co-Founder of
Perfect Blue, ranked as the #1 hacking (CTF) team in the world (2020-2021,
2023). Jonathan can be reached online at [email protected] | https://twitter.com/j0nathanj and at Dazz’
website https://www.dazz.io/who-we-are
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.