OSINT for routinely exploited vulnerabilities

Patching widely known vulnerabilities

Cyber threat actors will exploit what’s available to them. This means they will leverage known and often dated vulnerabilities. Exploitation of common and dated vulnerabilities requires fewer resources and effort. These attacks are built into their tool kits. Compared to zero-day exploits, threat actors have to develop and engineer new tactics to successfully attack their targets. Exploiting older vulnerabilities is cheaper and easier on the attacker. This means that they will use them if they discover them in your environment.

Monitoring for vulnerabilities and exploit trends

How do you know when cyber threat actors are shifting to a set of vulnerabilities? For example, how do you become aware that cyber threats are shifting to target VPNs.  Recently, Citrix VPN appliances, known as CVE-2019-19781, has been detected in the wild. Pulse Secure VPN servers, known as CVE-2019-11510, continues is a common target of malicious actors. When the world starts discussing “arbitrary code execution” in this shift, are you in the know?

Don’t get distracted by digital transformation forced by Covid-19

We’ve all been forced to re-calibrate all of our priorities. This resulted in digital transformation that has never been seen before. With users new to many cloud-based technologies like Office365 and Zoom, cyber actors will position their attacks to low hanging fruit in these new environments ripe with opportunity to exploit a mis-configuration or weak security control. However, don’t get distracted with WFH and have a major oversight on what used to be your focus. Chatter about a RCE for a VPN technology you use and still have active at HQ is a serious matter.

Prioritize vulnerability management based on open source intelligence

vulnerability intelligence

To understand where to focus resources to reduce cyber exposure, organizations require open source vulnerability intelligence and insights. Vulnerability management and security operations teams need exposure and exploit information to understand the potential impact of a newly disclosed vulnerability and dated CVEs. DigitalStakeout Scout enables you to automate this intelligence process by setting rules on tagging, enriching and prioritizing vulnerability and exploit chatter.

If you need immediate help with this concern, please contact us and a member of our team will get back to you ASAP.