The Download
A new study released by security company Cloudflare shows that hackers can begin weaponizing and exploiting vulnerabilities as quickly as 22 minutes after the public release of a proof of concept (PoC). We have long known that hackers take publicly released PoC code (often from white hat security research firms) and weaponize it by dropping new payloads into hacking toolkits; the new study shows that the rate of weaponization now gives defenders mere minutes.
An example timeline of JetBrains vulnerability CVE-2024-27198 is given below:
In this case, security vulnerability management firm Rapid7 shared proof-of-concept code for the JetBrains CVE a few hours after the vulnerability was publicly disclosed. Within 22 minutes, Cloudflare observed exploitation attempts leveraging the PoC code.
With generative AI, it is relatively straightforward to generate exploit code from a vulnerability. While it is unclear whether AI is being used to speed up weaponization, we know the technology is within easy reach.
What You Can Do
The short timelines between PoC release and weaponization make timely vulnerability discovery and patching more important than ever. While most firms do not have the capacity to discover and patch on these timelines, the quicker you can discover and patch vulnerabilities that are being actively exploited, the less likely you are to be compromised.
ThreatMate provides continuous threat exposure management, which means we do the hard work for you, scanning your networks continuously. In addition, we apply threat intelligence to vulnerabilities, focusing your efforts on the ones that are being actively exploited. Get started with ThreatMate to reduce those timelines and stay in front of the bad guys.