April 8, 2022
Syhunt Hybrid 6.9.13 adds Spring4Shell vulnerability detection, expands SCA and DWET capabilities
Syhunt's breach hunting tool (formerly IcyDark) is now Syhunt Breach.
Last week we all learned about the critical Spring4Shell (CVE-2022-22965) vulnerability that affects Spring apps and that when exploited by attackers may result in remote command execution. Today we release Syhunt Hybrid 6.9.13 which adds the detection of the Spring4Shell vulnerability to Syhunt tools, Syhunt Dynamic, Syhunt Code and Syhunt Forensic (formerly Insight). In addition to this critical DAST check, Syhunt 6.9.13 expands its SCA component in Syhunt Code to cover the Spring4Shell vulnerability and adds 260 new ransomware related leaks to its Syhunt Breach tool (formerly IcyDark), reaching a total of 3103 ransomware group leaks.
In 2019, Syhunt added the detection of outdated vulnerable JavaScript code to Syhunt Code 6.6, a feature of SCA (software composition analysis) tools. This made Syhunt Code go beyond SAST (static source code analysis). In December 2021, the SCA component, known as Syhunt Code Composition, has been updated to cover Log4J vulnerability and now it has been updated to detected the Spring4Shell vulnerability as well. Syhunt Code Composition checks for vulnerable Spring, SpringBeans, SpringBoot, SpringWebFlux and SpringWebMVC packages and currently is available at no additional cost as part of Syhunt Code.
Today we are also announcing a few product name changes: the Syhunt IcyDark product will now be called Syhunt Breach and the Syhunt Insight log scanner will now be called Syhunt Forensic. The name change will more accurately reflect the nature of the product which expanded its coverage to support not only dark web breach hunting, but also breach prevention, forensic analysis and on-demand services through Syhunt Hybrid's console. Despite the name changes affecting the mentioned products, Syhunt's dark web monitoring division will continue to be called Syhunt Icy.
The old product names and the corresponding new names
Syhunt Insight | -> | Syhunt Forensic |
Syhunt IcyDark | -> | Syhunt Breach |
Syhunt IcyScore | -> | Syhunt Breach Score |
Happy breach hunting!