IBM warns ‘zero-day’ hacker exploits growing

Simply because this is old news (from August 26, 2008) does not make it any less relevant or chilling. According to IBM's X-Force 2008 Mid-Year Trend Analysis,
Cyber-criminals are adopting new automation techniques and strategies that allow them to exploit vulnerabilities much faster than ever before. The new tools are being implemented on the Internet by organized criminal elements, and at the same time public exploit code published by researchers are putting more systems, databases and ultimately, people at risk of compromise.

94 percent of all browser-related online exploits occurred within 24 hours of official vulnerability disclosure. These attacks, known-as "zero-day" exploits, are on the Internet before people even know they have a vulnerability that needs to be patched in their systems.

No comments: