I'm still running occasional OSINT vuln scans on random URLs, out of curiosity and to compare basic cyber security postures for small vs large business sites. It's becoming a downtime habit. Nothing I've learned to date has been an eye opener, really, but overall my findings are rather disheartening. For example...
Remember that site with 24 CVEs (two dating back to 2009) I mentioned in my previous post? It also had a working http and an https pointing to the same IP. Documentation and remediation suggestions were provided to the site owner; perhaps understandably, I never received a response - but shortly thereafter, zero CVEs were visible and only the https site was available. Cool beans. All was right with the world, eh?
This week I did another scan on the site, 'just because' - and found 25 CVEs plus both URLs re-enabled. Sent off another report with my concerns (just trying to help a local, gratis!), and after several days I now see that the http address redirects to the https .. but there are still twenty five vulns extant.
This .. bothers me. I've suggested the business owner find another website provider; we'll see what happens.