Security News > 2022 > July > Time from vulnerability disclosures to exploits is shrinking
Palo Alto Networks' annual Unit 42 incident response report is out, warning of an ever-decreasing gap between vulnerability disclosures and an increase in cybercrime.
"The 2022 Attack Surface Management Threat Report found that attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced," the vendor says.
Approximately 36 percent of the 600 incident response cases studied in Unit 42's report were ransomware, while 34 percent of attackers chose business email compromise, where the scammers target legit addresses and then use their access to start redirecting funds and issuing invoices and the like.
As for how attackers get into enterprise systems, most of the intrusions were put down to our old friend phishing, the exploitation of known vulnerabilities or brute force credential attacks.
Looking at ransomware in particular, the report found that it was vulnerabilities that occupied almost half of the mean of initial access, followed by brute force credential attacks and phishing.
As for where things are going, researchers predict that the time to patch will continue to shrink and the skills necessary to carry out an attack will reduce.
News URL
https://go.theregister.com/feed/www.theregister.com/2022/07/27/palo_alto_unit_42/
Related news
- CISA Warns of Active Exploits Targeting Trimble Cityworks Vulnerability (source)
- Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Targets Over 6,000 Devices (source)
- Apache Tomcat Vulnerability Actively Exploited Just 30 Hours After Public Disclosure (source)
- BlackLock Ransomware Exposed After Researchers Exploit Leak Site Vulnerability (source)