Article: Hackers scan for vulnerabilities within 15 minutes of disclosure

h0w1tzr’s Commentary: I long suspected that APT groups were taking advantage of this, but I didn’t realize how quickly some of them are doing it!

System administrators have even less time to patch disclosed security vulnerabilities than previously thought, as a new report shows threat actors scanning for vulnerable endpoints within 15 minutes of a new CVE being publicly disclosed.

According to Palo Alto’s 2022 Unit 42 Incident Response Report, hackers are constantly monitoring software vendor bulletin boards for new vulnerability announcements they can leverage for initial access to a corporate network or to perform remote code execution.

However, the speed at which threat actors begin scanning for vulnerabilities puts system administrators in the crosshairs as they race to patch the bugs before they are exploited.

Links

Leave a Reply