February 7, 2023
Hackers are mass infecting servers worldwide by exploiting a patched hole
Today’s reminder that patch availability is not directly correlated to the end of an exploit’s utility.
The persistent belief that 0days must be reported to vendors immediately to “improve security for everyone” is based on a fantasy. The reality is that reporting bugs simply increases the quantity and diversity of exploits available to all threat actors.
In the ideal world when a bug is reported to a vendor they prioritise it and quickly fix it. Then when the patch is released, everyone immediately patches their software, rendering the vulnerability completely harmless. And there are unicorns.
But we live in reality, where bugs sit in vendor’s bug trackers for months (or years), and patches are applied on only some boxes. In reality when a patch (and maybe vulnerability announcement) is released it is the threat actors who pay attention.
The problem is simple: Applying patches is tedious. Exploit development is fun.
Hackers are mass infecting servers worldwide by exploiting a patched hole | Ars Technica
Servers running unpatched versions of ESXi are sitting ducks for ESXiArgs attacks.
-
-
-
#CyberSecurity #cybersecurite
source : linkedin.com/posts/ali-farh…
