Hackers are getting faster at exploiting zero day flaws. That’s going to be a problem for everyone

Hackers were much faster to exploit software bugs in 2021, with the average time to exploitation down from 42 days in 2020 to just 12 days.

That marks a 71% decrease in ‘time to known exploitation’ or TTKE, according to security firm Rapid7’s new 2021 Vulnerability Intelligence Report. The main reason for the reduction in TTKE was a surge in widespread zero-day attacks, many of which were used by ransomware gangs, according to the company.

As Rapid7 notes, 2021 was a grim year for defenders, which kicked off with the SolarWinds Orion supply chain attack which was pinned on Russian state-sponsored hackers. The year ended with the very different Apache Log4j flaw, which had no obvious main attacker but was spread across millions of IT systems.

Read more…
Source: ZDNet