Summary of Monthly Vulnerability Insights:
More advisories were reported in July than in June, when the count dipped suddenly (the first half of the year saw a continued monthly increase until June).
The Log4j vulnerability is still being detected/reported by vendors after almost 8 months:
The trend we have seen over the last few months, with hackers focusing on Low and Medium vulnerabilities, has increased again (with May being an exception). These Moderate and Less Critical vulnerabilities are normally not a priority for many organizations, but please make sure you include Threat Intelligence in your Software Vulnerability Management process to improve your prioritization.
Important conclusions from this month's report are:
Last month we reported that 62.60% of all Secunia Advisories had a Threat (exploits, malware, ransomware, etc.) associated with them; this month the number is slightly lower at 64.23%↓, with an increase in the lower and medium criticality range.
Using Threat Intelligence is going to help you with prioritizing what needs to be patched immediately.
Software Vulnerability and Patch Management is becoming more and more important.
Due to the ongoing Russia-Ukraine conflict, attacks on critical infrastructure in many countries are increasing.
Back in 2019 (just before Covid), patching was recommended within 30 days (or 14 days for a CVSS score of 7 or higher).
Right now, hackers are able to deploy exploits within 1 week and even within 24 hours. This means that organizations need to prioritize even better to quickly patch vulnerabilities (especially the ones with threats associated with them).