Hackers start scanning for security flaws 15 minutes after disclosure
Date:
Wed, 27 Jul 2022 12:24:25 +0000
Description:
Admins need to patch their systems fast, because cybercriminals won't wait, report finds.
FULL STORY ======================================================================
The latest findings from cybersecurity researchers at Unit 42 are a prime example of the old adage "the enemy never sleeps."
Palo Alto Networks' security arm recently published its newest Incident Response Report, in which it says that threat actors start scanning the web for vulnerable endpoints roughly 15 minutes after a CVE gets publicly disclosed.
In other words, hackers are keeping close tabs on software vendor bulletin boards, and as soon as one of them publicly announces finding a vulnerability, they rush to see where an exploit is possible.

Attacks within hours
Scanning in itself isn't a threat, and knowing a vulnerability exists is one thing, while actually exploiting it is another. However, crooks still conduct these reconnaissance tasks as they can, if all else fails, sell the intel on the black market, the researchers said.
Some of them move fast, too - Unit 42 says that within hours, the first active exploitation attempts can usually be seen.
According to Unit 42's report, the most abused flaws in the first half of the year are the ProxyShell vulnerabilities, taking up 55% of all the reported incidents for the period. ProxyShell is a term that refers to abusing CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207 in a chain.
Log4Shell, the nightmare log4j vulnerability that experts expect will linger around for a decade, was second-placed with 14% of reports, followed by SonicWall CVEs with 7%.
One of the takeaways of the report is that most of the time, cybercriminals abuse relatively old flaws, which just goes to show how important it is to patch systems and programs as soon as possible. Unit 42 has also said that in a third of network breaches, software vulnerabilities were used as the initial point of entry. Another third was taken up by phishing (37%), while brute-forcing, accounting for 15%, rounds off the top three.
Via: BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/news/hackers-start-scanning-for-security-flaws-15-minutes-after-disclosure/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)