Tag Archive for: overwhelmed

Security Teams Overwhelmed With Bugs, Bitten by Patch Prioritization


The number of vulnerabilities disclosed in the first half of the year topped 11,800, forcing companies to determine the impact of an average of 90 security issues per weekday.

The numbers are from cybersecurity firm Flashpoint’s “The State of Vulnerability Intelligence — 2022 Midyear Edition” report, which notes that the massive number of vulnerabilities reported in the first half of the year highlights the problems facing companies as they try to triage software security issues and determine which software updates to prioritize. 

Without better guidance, organizations attempting to sort through the security issues struggle to separate those that are highly critical from minor vulnerabilities and those that may not affect their environment at all, says Brian Martin, vice president of vulnerability intelligence at Flashpoint.

“There are some issues that will have no bearing on any real organization in the world — it might be a vulnerability in some Chinese blog that has seven installs worldwide,” Martin says. “On the other hand, we do have vulnerabilities in Microsoft products, Google products, Apple products. Stuff that is just as high-profile and concerning as any issue from a Patch Tuesday.”

Daily vulnerability volumes in the first half of 2022. Source: Flashpoint

Clouding the issue is the focus put on zero-day vulnerabilities, those labeled as “discovered in the wild” by researchers before a patch is available. These are difficult to collect information on. Google’s Project Zero documented 20 such vulnerabilities exploited in the wild in the first half of 2022, while Flashpoint found at least 17 more issues.

Yet the most common attacks usually use known vulnerabilities.

“Discovered-in-the-wild vulnerabilities are often used in high-profile breaches or are attributed to Advanced Persistent Threat (APT) attacks,” the report states. “Due to their nature, organizations often lack defensive options for them. However, business leaders need to keep in mind that discovered-in-the-wild vulnerabilities represent a tiny fraction of compromises occurring around the world.”

Organizations also had to deal with a growing number of days with hundreds of reported vulnerabilities because…


DDoS attack overwhelmed Dyn despite mitigation efforts

Dyn says that the DDoS attack that swamped its DNS resolution service last week was backed by far fewer internet of things (IoT) devices than it originally thought.

Previously it said it was hit by traffic from tens of millions of IP addresses, some of which were likely spoofed, making the actual number of bots involved far fewer. “We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints,” the company says in a status update.

The attacks, which knocked out access to some high-profile Web sites, threw as many packets at Dyn’s infrastructure as they could, and the company responded with its own mitigation actions as well as cooperation from upstream internet providers who blocked some of the attack flow. “These techniques included traffic-shaping incoming traffic, rebalancing of that traffic by manipulation of [DNS querying] anycast policies, application of internal filtering and deployment of scrubbing services,” the company says.


Network World Tim Greene