The time left for system administrators to patch newly disclosed vulnerabilities is much shorter than previously thought. Hackers have been monitoring security firms for new vulnerability disclosure reports, typically scanning for vulnerabilities 15 minutes after a CVE is published, with the first vulnerabilities observed within hours, according to an Incident Response Report released by security firm Palo Alto. Use try. Palo Alto used the F5 BIG-IP remote execution vulnerability CVE-2022-1388 disclosed on May 4, 2022 as an example. Within 10 hours of the CVE announcement, 2,552 scans and exploit attempts were recorded. This offensive and defensive battle leaves less and less time for either side every year. The Palo Alto report said that the most exploited vulnerabilities in the first half of 2022 were ProxyShell at 55%, followed by Log4Shell discovered by Alibaba at 14%, SonicWall at 7%, and ProxyLogon at 5%.
This article is reprinted from: https://www.solidot.org/story?sid=72273
This site is for inclusion only, and the copyright belongs to the original author.