Skip to main content

Hackers now exploit new vulnerabilities in just 15 minutes

Hackers are now ​​moving faster than ever when it comes to scanning vulnerability announcements from software vendors.

Threat actors are actively scanning for vulnerable endpoints within a period of just 15 minutes once a new Common Vulnerabilities and Exposures (CVE) document is published, according to Palo Alto’s 2022 Unit 42 Incident Response Report.

A depiction of a hacker breaking into a system via the use of code.
Getty Images

As reported by Bleeping Computer, the report stresses how hackers are always scanning software vendor bulletin boards, which is where vulnerability announcements are disclosed in the form of CVEs.

From here, these threat actors can potentially exploit these details in order to infiltrate a corporate network. It also gives them an opportunity to distribute malicious code remotely.

“The 2022 Attack Surface Management Threat Report found that attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced,” the blog post from Palo Alto’s Unit 42 states.

With hackers becoming more dangerous than ever in recent years, it can take them mere minutes to find a weak point in their target’s system. This is naturally made much easier if they’re aided by a report detailing what exactly can be exploited.

Simply put, system administrators will basically have to expedite their process in addressing the security defects and patch them before the hackers manage to find a way in.

Bleeping Computer highlights how scanning doesn’t require a threat actor to have much experience in the activity to be effective. In fact, anyone with a rudimentary understanding of scanning CVEs can perform a search on the web for any publicly disclosed vulnerable endpoints.

They can then offer such information on dark web markets for a fee, which is when hackers who actually know what they’re doing can buy them.

A large monitor displaying a security hacking breach warning.
Stock Depot/Getty Images

Case in point: Unit 42’s report mentioned CVE-2022-1388, a critical unauthenticated remote command execution vulnerability that was affecting F5 BIG-IP products. After the defect was announced on May 4, 2022, a staggering 2,552 scanning and exploitation attempts were detected within just 10 hours of the initial disclosure.

During the first half of 2022, 55% of exploited vulnerabilities in Unit 42 cases are attributed to ProxyShell, followed by Log4Shell (14%), SonicWall CVEs (7%), and ProxyLogon (5%).

Activity involving hackers, malware, and threat actors in general has evolved at an aggressive rate in recent months. For example, individuals and groups have found a way to plant malicious code onto motherboards that is extremely difficult to remove. Even the Microsoft Calculator app isn’t safe from exploitation.

This worrying state of affairs in the cyber security space has prompted Microsoft to launch a new initiative with its Security Experts program.

Editors' Recommendations

Zak Islam
Computing Writer
Zak Islam was a freelance writer at Digital Trends covering the latest news in the technology world, particularly the…
A new WordPress bug may have left 2 million sites vulnerable
wordpress vulnerability version 472 plug in

A flaw in two WordPress custom plug-ins leaves users vulnerable to cross-site scripting attacks (XSS), according to a recent report.

Patchstack researcher Rafie Muhammad recently discovered an XSS flaw in the Advanced Custom Fields and Advanced Custom Fields Pro plug-ins, which are actively installed by over 2 million users worldwide, according to Bleeping Computer.

Read more
No, 1Password wasn’t hacked – here’s what really happened
A person using the 1Password password manager on a laptop while sat on a couch.

Password managers have been struggling with security breaches in recent months, with LastPass suffering a particularly bad hack as a notable example. So when 1Password users got an alert last week saying their Secret Keys and passwords had been changed without their knowledge, they were understandably panicked. Luckily, all was not what it seemed.

That’s because AgileBits, the company behind 1Password, has just explained exactly what went wrong during that event. And while it wasn’t as bad as everyone first thought, it still doesn’t paint AgileBits in a particularly good light.

Read more
This Bing flaw let hackers change search results and steal your files
The new Bing preview screen appears on a Surface Laptop Studio.

A security researcher was recently able to change the top results in Microsoft’s Bing search engine and access any user’s private files, potentially putting millions of users at risk -- and all it took was logging into an unsecured web page.

The exploit was discovered by researcher Hillai Ben-Sasson at their team at Wiz, a cloud security firm. According to Ben-Sasson, it would not only allow an attacker to change Bing search results but would also grant them access to millions of users’ private files and data.

Read more