Hackers Regularly Exploit Vulnerabilities Before Public Disclosure, Study Finds

Many hackers are opportunistic and often attempt to exploit security gaps to launch an attack days before a vulnerability is disclosed.

According to a new report published on July 31 by GreyNoise, attacker activity precedes the time a new vulnerability in edge devices is publicly disclosed and given a common vulnerabilities and exposures (CVE) number in 80% of cases.

These pre-disclosure spikes of activity include scanning, brute forcing and exploitation attempts – although zero-day exploit attempts represent the majority of the activity observed. This activity can precede the CVE disclosure by up to six weeks, the GreyNoise researchers found.

To read the complete article see:

Hackers Regularly Exploit Vulnerabilities Before Public Disclosure

See full report here (Gated):

Early Warning Signals: Attacker Behavior Precedes New Vulnerabilities