Home page logo
/

isn logo Information Security News mailing list archives

Patch management flubs facilitate cybercrime
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 28 Mar 2014 06:44:52 +0000 (UTC)

http://www.networkworld.com/news/2014/032714-solutionary-280149.html

By Ellen Messmer
Network World
March 27, 2014

Failures in patch management of vulnerable systems have been a key enabler of cybercrime, according to the conclusions reached in Solutionary’s annual Global Threat Intelligence Report out today, saying it sees botnet attacks as the biggest single threat.

The managed security services provider, now part of NTT, compiled a year’s worth of scans of customers’ networks gathered through 139,000 network devices, such as intrusion-detections systems, firewall and routers, and analyzed about 300 million events, along with 3 trillion collected logs associated with attacks. Solutionary says it relies on several types of vendor products for these scans, including Qualys, Nessus, Saint, Rapid7, nCircle and Retina.

Solutionary also looked at the latest exploit kits used by hackers, which include exploits from as far back as 2006. Solutionary found that half of the vulnerability scans it did on NTT customers last year were first identified and assigned CVE numbers between 2004 and 2011.

“That is, half of the exploitable vulnerabilities we identified have been publicly known for at least two years, yet they remain open for an attacker to find and exploit,” Solutionary said in its Global Threat Intelligence Report. “The data indicates many organizations today are unaware, lack the capability, or don’t perceive the importance of addressing these vulnerabilities in a timely manner.”

[...]

--
Find the best IT Security talent without breaking your recruiting budget.
Jobs cross-posted to Simply Hired, Facebook and LinkedIn.
Hot InfoSec Jobs - http://www.hotinfosecjobs.com/

  By Date           By Thread  

Current thread:
  • Patch management flubs facilitate cybercrime InfoSec News (Mar 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]