"Attackers Never Let a Critical Vulnerability Go to Waste"

GreyNoise Intelligence has released new research that examines the past 12 months' most notable threat detection events in depth. Bob Rudis, vice president of research and data science at GreyNoise Intelligence, stated that when it comes to cybersecurity, not all vulnerabilities are created equal, and many that gain public attention often turn out not to be significant. Researchers have provided insights into the celebrity vulnerability hype cycle for its 2022 report, with a breakdown of CVE-2022-1388, an F5 Big-IP iControl REST Authentication Bypass, how hard attackers will work to never let a critical vulnerability go to waste by looking at the depth and breadth of CVE-2022-26134, a critical weakness in Atlassian Confluence, and the impact of the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerabilities (KEV) catalog releases on defenders. According to the report, there will be an increase in daily, persistent Internet-facing exploit attempts, post-initial access internal attacks, and headline-grabbing Log4j-centric attacks. This article continues to discuss key findings and insights from GreyNoise Intelligence's new research report. 

Help Net Security reports "Attackers Never Let a Critical Vulnerability Go to Waste"