QOTD - On Zero Day Attacks

Zero-day attacks last between 19 days and 30 months, with a median of 8 months and an average of approximately 10 months. This shows that attackers have plenty of time to execute their attack without hinderance before it becomes a known vulnerability.
After zero-day vulnerabilities are disclosed, the number of malware variants exploiting them increases 183–85,000 times and the number of attacks increases 2–100,000 times.
[...]
Once a vulnerability has been announced hackers worldwide get to work creating their attacks for the vulnerability. Knowing this data it is best to keep a machine up to date on patches. 
Src: Zero-day Attack Data | Cyber Security
Link to full paper

Note: emphasis is mine

No comments: