By the time you read this, a zero-day CVE is likely being exploited. Researchers at Cloudflare have observed that newly disclosed vulnerabilities are under attack as quickly as 22 minutes after a proof of concept (POC) is released.
Cloudflare reports that attackers are more active than ever, rapidly exploiting security vulnerabilities with malware faster than defenders can respond. The speed of exploitation outpaces the creation of WAF rules or deployment of patches, prompting Cloudflare to combine human-written signatures with an ML-based approach to balance low false positives with rapid response times.
As a provider of content delivery, cybersecurity, DDoS mitigation, and domain registration services, Cloudflare is witnessing an unprecedented rate at which vulnerability disclosures turn into active attacks. This surge is primarily due to increased scanning activity by threat actors seeking vulnerable systems, leading to a rise in automated exploit attempts.
“The speed of exploitation of disclosed CVEs is often quicker than the speed at which humans can create WAF rules or create and deploy patches to mitigate attacks,” @Cloudflare said in its Application Security Report. #cybersecurity #infosec #ITsecurity https://t.co/d2cQJOoH0g
— SC Media (@SCMagazine) July 17, 2024
The findings suggest that attackers are targeting low-hanging fruit—publicly known flaws in the window between disclosure and widespread patch availability. This trend indicates attackers’ success in exploiting old vulnerabilities and highlights a shift in the global political landscape and polarized user opinions.
Cloudflare notes that geopolitical uncertainty and the active 2024 voting season have significantly increased malicious traffic activity across the internet. The rapidly evolving security landscape underscores the need for enhanced defensive measures.
Start Growing with Cloudways Today.
Our Clients Love us because we never compromise on these
Abdul Rehman
Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He’s also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.