This newsletter brings a slew of good news and updates. The core of our product, the Vulnerability scanner, has received some major updates that will fortify your cybersecurity defenses. Our latest efforts have focused on incorporating additional features and functionalities that will significantly improve its performance and results.
In the most recent version of ULTRA RED's scanner, we have implemented a smarter crawling component that thoroughly explores every corner of the public internet. This enables us to retrieve information, extract secrets, keys, and tokens. To eliminate false positives, each result is carefully evaluated based on its string entropy.
Exposed credentials could pose a serious risk, depending on access and permissions, threat actors could abuse them to infiltrate infrastructures and services - potentially impairing the confidentiality, integrity, and availability of the impacted systems.
String entropy is a measure of how unpredictable or random a string of characters is. Tokens typically have a baseline of randomness which the scanner measures and compares against to verify the probability of a token. In other words, it tells you how much information or variety is contained within a string, which helps us reduce false positives.
Our Vulnerability Scanner now can identify when one vector impacts another, allowing us to fuse them into a single vector with both associated tags. This comprehensive approach provides a broader understanding of the risks involved. For example, when the scanner detects an XSS vector, it also looks for a CSRF vulnerability. This combination of CSRF with XSS enables an attacker to perform "fly by" Cookie/Session Hijacking from any website using a crafted form.
With enhanced scanning capabilities, our scanner can now delve deeper into directories, providing a more thorough breakdown of all the pages and files associated with each asset.
We’ve improved our scanner’s ability to detect a variety of vulnerabilities such as XSS, open directory listings, SQL Injections, CRLF Injections and Sensitive Server Errors. All while adding additional barriers to prevent False Positives.
We have made significant improvements to our scanner's vulnerability detection capabilities. It can now identify several new vulnerabilities, including XSS, open directory listings, SQL injections, CRLF injections, and sensitive server errors. Additionally, we have implemented additional measures to minimize false positives, ensuring more accurate and reliable results.
We are continuously expanding our vector tags to cover a wider range of vulnerabilities. Some of the new tags include Directory Listing, CORS Misconfiguration, and Improper Error Handling. We are committed to regularly updating and adding more vector tags to provide a comprehensive understanding of the potential risks.
