Read Time:1 Minute, 47 Second

GreyNoise scans and separates threats from background noise in internet traffic.

The cybersecurity startup GreyNoise Intelligence, which analyses internet scanner data to extract threats from background noise, has released its first 2022 Mass Exploitation Report, an in-depth study of important Threat Detection occurrences of the previous 12 months.

Bob Rudis, Vice President of Research & Data Science GreyNoise Intelligence, stated, “When it comes to cybersecurity, not all vulnerabilities are created equal, and many of the ones that garner media attention actually turn out to be insignificant.

“GreyNoise is in a unique position to help organisations understand what technologies are under mass exploitation, and provides critical tools and data to help security analysts prioritise patching, identify and block malicious sources with confidence, and stay ahead of adversaries.”

In 2022, GreyNoise added more than 230 new detection tags, an increase of almost 38% from 2021. 

GreyNoise researchers offer information about the following in their 2022 Mass Exploitation Report:

  • A breakdown of the CVE-2022-1388, an F5 Big-IP iControl REST Authentication Bypass, and the celebrity vulnerability hype cycle
  • The depth and breadth of CVE-2022-26134, a severe flaw in Atlassian Confluence, demonstrate how determined attackers will never allow a critical vulnerability to go unpatched.
  • The effect on defenders of the publication of the CISA Known Exploited Vulnerabilities Catalogue

The GreyNoise VP Data Science Bob Rudis’ predictions for 2023 are included in the 2022 Mass Exploitation Report, along with details on the most significant threat detection events of 2022. He cautions that there will be continual, daily attempts to exploit the internet.

He warns organisations to stay vigilant and diligent when putting services on the internet. More attacks are most likely to happen. More headline-grabbing Log4j-centric attacks are expected to occur. Thus businesses should observe internal attacks and post-initial access. 

He says, “Organisations have to strive for perfection, while attackers need only persistence and luck to find that one device or service that is still exposing a weakness. We will see more organisations impacted by this, and it is vital you do what you can to ensure yours isn’t one of them.”

About Post Author

Mitchell Eaton

mitchellsamueleaton@gmail.com
Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Total
0
Shares
Share 0
Tweet 0
Pin it 0
Share 0
0 0
In,
Discussion Previous post Cybersecurity: A Discussion Not Only For The Techies
ransomware attacks Next post NCC Group Reports a 41% Increase in Ransomware Attacks in November

More Stories