A Palo Alto Security Report Raised Concerns About the Speed With Which Hackers Find Vulnerabilities, Driven by CVE Notices
Today, hackers move faster than ever, acting immediately after software vendors document vulnerabilities.
According to a report published by Bleeping Computer, the cybersecurity firm Palo Alto says its analysis, the 2022 Unit 42 Incident Response Report, shows that attackers actively targeted vulnerable endpoints (any device connected to a secure business network) as soon as a Common Vulnerabilities and Exposures (CVE) document was released, scanning for them within just 15 minutes.
Bleeping Computer’s report explains that hackers constantly monitor software vendors’ notices, where security warnings about vulnerabilities are published as CVE identifiers so that consumers can receive security patches as soon as possible. Hackers, however, exploit these notices to their own advantage.
Hackers can potentially exploit document details to infiltrate a company’s network.
Also, this information allows them to distribute malicious code remotely.
As hackers have become more dangerous in recent years, it takes only a few minutes for a vulnerability to be exploited and for attackers to infiltrate systems, especially now that detailed reports of what is being hacked are released and help them along.
Simply put, system administrators need to speed up their process of addressing security flaws and fix them before hackers find a way in.
Bleeping Computer also shows how scanning for vulnerabilities can be effective even for inexperienced threat actors. Anyone with basic CVE documentation can find exposed, vulnerable endpoints with a web search.
These actors can then sell the information they obtain on dark web markets, which is where professional hackers come in: by purchasing this information, they gain the knowledge and ability needed to carry out any scenario.
Unit 42’s report cited the vulnerability CVE-2022-1388, a critical unauthenticated remote command execution vulnerability affecting F5 BIG-IP products. After the details of this flaw were announced on May 4, 2022 (14 Ordibehesht 1401 in the Solar Hijri calendar), a staggering 2,552 scanning and exploitation attempts were recorded within 10 hours of the announcement.
During the first half of 2022, 55% of the exploited vulnerabilities in Unit 42’s case files were attributed to the ProxyShell vulnerability, followed by Log4Shell with 14%, SonicWall CVEs with 7%, and ProxyLogon with 5%.
Activity related to hackers, malware, and attacks of all types has grown at an alarming rate in recent months. For example, malicious individuals and groups managed to find a way to inject their malicious code into the motherboard, where it is complicated to deal with and remove. In another case, hackers pursued their destructive operations by breaking into Microsoft’s calculator.
Growing concerns about cybersecurity have led Microsoft to pursue its Security Experts program more seriously.