Zero Care About Zero Days

The time to repurpose vulnerabilities into working exploits will be measured in hours and there’s nothing you can do about it… except patch


By Fred House


2021 is already being touted as one of the worst years on record with respect to the volume of zero-day vulnerabilities exploited in the wild. Some cite this as evidence of better detection by the industry while others credit improved disclosure by victims. Others will simply conclude that as the “upside” grows (e.g., REvil demanding $70M or Zerodium paying $2.5M for exploits) so too will the quantity and quality of players. But the scope of these exploitations, the diversity of targeted applications, and ultimately the consequences to organizations were notable as well. As we look to 2022, we expect these factors to drive an increase in the speed at which organizations respond.


If we look back at the past 12 months, we have seen notable breaches that highlight the need for organizations to improve response times:


ProxyLogon. When we first learned in 2020 that roughly 17,000 SolarWinds customers were compromised, many reacted in shock at the sheer scope of the compromise. Unfortunately, 2021 brought its own notable increase in volume. Two weeks after Microsoft released a patch for ProxyLogon, they reported that 30K Exchange servers were still vulnerable (less conservative estimates had the number at 60K).


ProxyShell. ProxyShell, a collection of three separate vulnerabilities (CVE-2021-31207, CVE-2021-34473 and CVE-2021-34523), was Exchange’s second major event of the year after ProxyLogon. In August, a Black Hat presentation outlining Exchange S ..
