Spring4Shell is on the rise. EASM is a necessity.

Yaron Tal


Reposify’s EASM platform provides deep, real-time understanding of known and unknown assets exposed and vulnerable to Spring4Shell, instantly mitigating critical risk for any organization

The Spring4Shell zero-day vulnerability has sent a jolt of panic through the cybersecurity community. CISA has added the vulnerability to its Known Exploited Vulnerabilities catalog based on “evidence of exploitation”. Like its predecessor Log4Shell, Spring4Shell affects only Java-based enterprise applications, and, like Log4Shell, it exposes the Spring Framework to the most severe class of exploit there is: remote code execution (RCE).

RCE lets attackers run rampant inside systems: stealing passwords and logins, exfiltrating data and seeding networks with malware. With RCE, unprivileged external code can be executed remotely on any vulnerable machine in the network, leaving attackers free to direct their campaign from afar with devastating impact. No outcome is off the table: data can be lost or stolen, communications proxied to a remote location, company data copied to private drives, or corporate reputation damaged with explicit content. All are very real, legitimate possibilities.

We’re neck and neck: as threat actors exploit Spring4Shell, security teams scramble to assess their attack surfaces for vulnerable assets. Sprawling digital footprints are the problem. Organizations have thousands, even millions, of digital assets once subsidiaries, the supply chain and third-party vendors are counted. With Spring Framework among the most common application frameworks, the Spring4Shell vulnerability is not to be understated. There are immediate steps organizations can take to protect their assets, such as upgrading Spring Framework to version 5.2.20 or 5.3.18, or downgrading their Apache Tomcat server to version 8 or less, but organizations can only protect the assets they know are there.
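As an added illustration (not part of this post or of Reposify’s product), the version check that follows from the two fixed releases named above, run over a constructed inventory of hosts and detected spring-core versions. It goes one step beyond the text by also treating maintenance lines older than 5.2, which received no fix, as vulnerable; hostnames and versions are made up, and an unparsable version is reported as unknown rather than silently passed.

```python
"""Flag inventory entries whose Spring Framework version predates the
Spring4Shell fixes (5.2.20 / 5.3.18).  Added example, not Reposify code;
the inventory below is constructed."""
import re
from typing import Optional

# Fixed release per maintenance line, as stated in the post.
FIXED = {(5, 2): (5, 2, 20), (5, 3): (5, 3, 18)}

def parse_version(text: str) -> Optional[tuple]:
    """Turn '5.3.17', '5.2.19.RELEASE' or 'v5.3.18' into (5, 3, 17); None if unreadable."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(x) for x in m.groups()) if m else None

def is_vulnerable(version: str) -> Optional[bool]:
    """True if below the fixed release of its line; None if the version can't be read."""
    v = parse_version(version)
    if v is None:
        return None
    line = v[:2]
    if line in FIXED:
        return v < FIXED[line]
    # Lines before 5.2 are out of support and got no fix, so they stay vulnerable;
    # anything newer than 5.3 post-dates the fix.
    return line < (5, 2)

def triage(inventory):
    """Sort (host, version) pairs into vulnerable / fixed / unknown buckets."""
    result = {"vulnerable": [], "fixed": [], "unknown": []}
    for host, version in inventory:
        state = is_vulnerable(version)
        bucket = "unknown" if state is None else ("vulnerable" if state else "fixed")
        result[bucket].append(host)
    return result

# Constructed sample inventory: (host, detected spring-core version).
SAMPLE = [
    ("app-01.example.test", "5.3.17"),
    ("app-02.example.test", "5.3.18"),
    ("app-03.example.test", "5.2.19.RELEASE"),
    ("legacy.example.test", "4.3.30.RELEASE"),
    ("api.example.test", "5.2.20"),
    ("shadow.example.test", "unknown"),
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```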

Zero-day RCE vulnerabilities are a trend, and they will continue. 

With Spring4Shell following so closely on the heels of Log4Shell, a trend is emerging that cannot be predicted in detail. Security teams may not be able to foresee the next attack, but they can mount a defense. Reposify research concluded that the average organization houses 64% of its assets in the unofficial perimeter. This is reversible.

Organizations today are evolving in the cloud, forming subsidiaries and relying on third-party vendors more than ever before. A majority of digital assets now sit outside the traditional enterprise infrastructure, beyond the immediate control of IT and security teams. In this critical time of need, every digital doorway into an enterprise must be monitored in real time.

Detect to protect: Reposify’s EASM platform flags exposed unknown assets vulnerable to Spring4Shell

Reposify’s discovery mechanism gives companies a precisely mapped, comprehensive portrayal of their asset inventory. It frees up manpower that security teams need as they grapple with an expanding attack surface. The platform maps the web in real time, enabling security teams to detect unknown exposed assets that are vulnerable to Spring4Shell and pose a risk to the organization.

Only with an accurate inventory that takes the entire supply chain, third-party vendors and subsidiaries into account can organizations achieve true perimeter security against the Spring4Shell vulnerability or any future vulnerability.

Yaron Tal

Yaron Tal is an accomplished tech entrepreneur and cybersecurity expert with close to two decades of experience in development of software solutions for cybersecurity. Prior to founding Reposify, Yaron held various managerial roles at startups where he gained extensive experience in leading R&D teams and developing successful solutions from the ground up. Yaron is an alumnus of the Israeli Cybersecurity Center where he served for over four years as an embedded system developer, researcher and team leader.
