NCSC project will help UK businesses identify security vulnerabilities
The scripts will be developed and reviewed regularly to target the most pervasive issues in enterprise security
The UK's National Cyber Security Centre (NCSC) has launched the Scanning Made Easy (SME) trial project to help businesses quickly and easily identify security vulnerabilities in their systems.
SME will see various scripts being offered to businesses for free, allowing them to easily identify a range of specific critical vulnerabilities. The aim is to make patching more straightforward for businesses, especially those with fewer cyber security capabilities than larger firms.
The NCSC said it won't be releasing scripts for every single vulnerability but said they will be continually developed and reviewed for security issues that "are consistently causing headaches for system administrators".
The scripts will be written by the NCSC's i100 partners (i100 is an initiative that promotes collaboration between the NCSC and outside industry talent) and will conform to the cyber organisation's SME developer guidelines, which define what a script is able to do and how it verifies a vulnerability.
"It is important that anyone running the scripts knows what they do," the NCSC said.
Each script will be written using the Nmap Scripting Engine, one of Nmap's most powerful features, which lets developers easily create and share scripts that automate a variety of networking tasks in the industry-standard network mapping tool.
"When a software vulnerability is disclosed, it is often easier to find proof-of-concept code to exploit it, than it is to find tools that will help defend your network," the NCSC said. "To make matters worse, even when there is a scanning script available, it can be difficult to know if it is safe to run, let alone whether it returns valid scan results.
"SME was born out of our frustration with this problem and our desire to help network defenders find vulnerable systems, so they can protect them."
The first script SME has released is for Exim message transfer agent (MTA) remote code execution (RCE) vulnerabilities, sometimes known as '21Nails' or otherwise tracked as CVE-2020-28017 through CVE-2020-28026.
Businesses can download the script via GitHub and are advised to run the script regardless of whether they think they have Exim MTA - "you might be surprised by what you find installed on your network," it said. Once it has run, the script will display easy-to-read results, a description of the vulnerability, and a link to the appropriate vendor's security advisory.
Businesses are also encouraged to build their own scripts, in accordance with the NCSC's SME developer guidelines, and submit them to the cyber organisation for review to expand the program further.

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.