Every hour counts
"Updates are ready to be installed"—an annoying message, right? But there’s no escaping reality. New vulnerabilities are constantly being discovered in applications. It doesn't matter who actually discovered a loophole. Sooner or later, it will be made public, the developer will release a security update, and even criminals who didn't know about the vulnerability will become aware of its existence. How much time do users have before an attack begins?
Another example of an attack shows how criminals try exploiting not only vulnerabilities in web applications but also loopholes in device firmware. Information about CVE-2017-8220 was published on April 25, and on April 28 the first attacks were mounted on devices.
Figure 8. An example of a “remote code and shell command execution” attack being discovered
Thus, only a few days can elapse between the publication of information about a vulnerability and its exploitation (this timeframe can vary depending on how complicated the vulnerability is to exploit). If a web application comes under attack, the perpetrator will first attempt to leverage the most recently discovered vulnerabilities, since they probably haven't been patched yet.
Three days. Given that two of those days could fall on a weekend, the timeframe is very short.
And here is another interesting question: at what time of day is an attack launched?
The figure below shows the average attack intensity in the space of 24 hours for one company. It contains values for all industries (the local time was used for each organisation).
To illustrate our case more clearly, let's use PT AF to draw a graph for April 17 for one of the companies.
As you can see, the attack intensity clearly correlates with employee activity—when they get to their desks, the time before lunch, and the end of working hours. The fourth peak, which occurs at night, can be explained by the fact that during these hours, the probability of the company’s security service responding to the attack is lower.
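The hour-of-day analysis described above can be reproduced from your own attack logs. The following is an added example, not code from the original article or from PT AF: it converts each event to the organisation's local time, averages the hourly counts across organisations, and lists the peaks that fall outside staffed hours. The event list, organisation names, UTC offsets and staffed hours are constructed assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta, timezone

# Constructed sample: (organisation, UTC timestamp of one detected attack).
EVENTS = [
    ("org-a", "2024-01-15T06:05:00Z"), ("org-a", "2024-01-15T06:40:00Z"),
    ("org-a", "2024-01-15T10:15:00Z"), ("org-a", "2024-01-15T00:30:00Z"),
    ("org-b", "2024-01-15T14:10:00Z"), ("org-b", "2024-01-15T22:20:00Z"),
    ("org-b", "2024-01-15T08:45:00Z"), ("org-b", "2024-01-15T08:50:00Z"),
]
# Assumed fixed UTC offsets in hours; production code would use zoneinfo for DST.
ORG_UTC_OFFSET = {"org-a": 3, "org-b": -5}

def hourly_intensity(events, offsets):
    """Count attacks per local hour (0-23) for each organisation."""
    per_org = {}
    for org, stamp in events:
        utc = datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        local = utc.astimezone(timezone(timedelta(hours=offsets[org])))
        per_org.setdefault(org, Counter())[local.hour] += 1
    return per_org

def average_profile(per_org):
    """Average the per-organisation counts hour by hour."""
    return [sum(c[h] for c in per_org.values()) / len(per_org) for h in range(24)]

def peaks(profile):
    """Hours that are strict local maxima, wrapping around midnight."""
    return [h for h in range(24)
            if profile[h] > profile[h - 1] and profile[h] > profile[(h + 1) % 24]]

def uncovered_peaks(profile, staffed_hours=range(9, 18)):
    """Peaks outside the hours when the security team is assumed to be on duty."""
    return [h for h in peaks(profile) if h not in staffed_hours]

if __name__ == "__main__":
    profile = average_profile(hourly_intensity(EVENTS, ORG_UTC_OFFSET))
    print("peak hours:", peaks(profile))
    print("peaks with nobody on duty:", uncovered_peaks(profile))
```

A peak reported by `uncovered_peaks` corresponds to the night-time spike discussed above and marks the hours where alerting or on-call coverage deserves a closer look.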
The above statistics indicate that security updates must be applied no later than two days after their release. But never later than that! Meanwhile, anti-virus updates must be installed immediately after their release. For that to happen, just make sure you don't change the default update schedule set by the developers.