BitSight Releases New VPNFilter & Oracle Weblogic Vulnerability Identification Filters

Alex Campanelli | July 6, 2018 | tag: BitSight

Within the BitSight Security Ratings platform, we prioritize features that help organizations both identify and manage risks across their own networks and the networks of their third parties. BitSight now enables users to identify organizations who are potentially vulnerable to VPNFilter malware or Oracle’s WebLogic server problems.

VPNFilter is a piece of malware allegedly linked to the same Russian hacking group that made headlines during the 2016 election, which has now shown up in 54 countries including the United States. This malware uses known vulnerabilities to infect home office routers, and once that happens, it reports back to a command-and-control infrastructure that can install purpose-built plug-ins, which will perform actions like eavesdropping on internet traffic to steal website credentials.

Within your BitSight Security Ratings portal, it’s simple to identify the VPNFilter vulnerability on your own network or on that of a third or fourth party. By doing this, you could find endpoints vulnerable to the VPNFilter malware, which could potentially take control of network devices. Go to Portfolio ➔ All Companies and search for “VPNFilter” in the “Search filter options…” bar, and then include “VPNFILTER (potential)” in your search.

vpnfilter_360

Oracle’s April 2018 Critical Patch Update contained a patch for a vulnerability in the WebLogic Server (WLS) core component of WebLogic. In the update, this security issue received a severity score of 9.8 out of 10, given that it could allow attackers to execute code on remote WebLogic servers without actually needing to authenticate.

To search for the WebLogic vulnerability on your own network or on a third parties’, you can search within the BitSight Security Ratings portal to find vulnerable servers. This will show where BitSight observed the presence of infected WebLogic machines that are attempting to find other vulnerable machines. This vulnerability could allow attackers to execute code on remote WebLogic servers without needing to authenticate. Go to Portfolio ➔ All Companies and search for “Weblogic” in the “Search filter options…” bar, and then include “WeblogicWorm” in your search.

weblogic_portfolio_360

These new filters provides valuable insight into the security posture of an organization (and its vendors). With global cyber attacks that can exploit internal vulnerabilities, companies must keep track of all the endpoints on their network and ensure that patching is consistent and up-to-date. BitSight is leading the way in the Security Rating Services industry to provide advanced vulnerability identification equipping security and risk professionals to reduce the cyber risk associated with their third parties and within their organizations.

Get Your Rating

Suggested Posts

Celebrating 10 Years of BitSight: A Co-Founder Looks Back

It’s hard to believe, but BitSight is celebrating our 10 year anniversary this week! I co-founded BitSight in 2011 with my friend and grad school classmate, Nagarjuna Venna. When I think back at our original idea of creating a global...

READ MORE »

Meet Our Customer Success Team: Ashley Ritrovato

Check out this Q&A with a US-based member of BitSight's Customer Success team to learn about her role as an BitSight Advisor & Customer Success Manager, her experience, and more.

READ MORE »

Meet Our Customer Success Team: Alessandra Pilloni

Check out this Q&A with a London-based member of BitSight's Customer Success team to learn about her role as an Customer Success Manager, her experience, and more.

READ MORE »

Get the Weekly Cybersecurity Newsletter.