For Sale - Dark Web Exploits

Uploaded on 2021-07-17 in TECHNOLOGY--Resilience, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Updating and patching to protect against vulnerabilities as soon as they become known is vital but it's not just Zero-Day exploits that security teams need to worry about. For cyber criminals, buying a proven exploit off the shelf on the Dark Web has the advantage of something known to be effective, where all the hard work has already been done for the buyer.

Indeed, researchers at Trend Micro have found that 22% of exploits for sale in underground forums are more than three years old, emphasising the importance that organisations should place on patching vulnerabilities that pose the greatest risk to their organisation, not just the latest ones.

A new report Trend Micro reveals a decline in the market for Zero-Day over the past two year, driven in part by the  the rise of Access-as-a-Service, the new force in the exploit market. Access-as-a-Service has the advantages of an exploit, but all the hard work has already been done for the buyer, with underground prices starting at $1,000.  

The lifespan of a vulnerability or exploit does not depend on when a patch becomes available to stop it. In fact, older exploits are cheaper and therefore may be more popular with criminals shopping in underground forums and virtual patching remains the best way to mitigate the risks of known and unknown threats to your organisation.

The report reveals several risks of legacy exploits and vulnerabilities, including:

  • The oldest exploit sold in the underground was for CVE-2012-0158, a Microsoft RCE.
  • CVE-2016-5195, known as the Dirty Cow exploit, is still ongoing after five years.
  • 47% of cyber criminals looked to target Microsoft products in the past two years.

These trends are combining to create greater risk for organizations. With nearly 50 new CVEs released per day in 2020, the pressure on security teams to prioritize and deploy timely patches has never been greater, and it’s showing. 

Today, the time to patch averages nearly 51 days for organizations patching a new vulnerability. To cover that gap in security protection, virtual patching is key. It is based on intrusion prevention technology and offers a hassle-free way to shield vulnerable or end-of-life systems from known and unknown threats indefinitely. Applying all available vulnerability patches can be a nearly impossible task for any organisation. It is simply unrealistic for organisations to have their systems be completely invulnerable. Virtual patching is one way for organisations to buy additional time needed for security teams to implement the necessary updates, making it a crucial aspect of patch management. 

While several patch prioritisation approaches exist for vulnerability management, organisations should  factor into the equation the exploits that cyber criminals actually wish to use and can purchase, rather than simply patching vulnerabilities based on severity. 

Since vendors and manufacturers need time to come up with and deploy the necessary patches and upgrades upon the disclosure of a vulnerability, these temporary fixes give them time for permanent solutions, as well as help avoid unnecessary downtime for organisations to implement patches at their own pace. This is especially important when it comes to zero-day vulnerabilities since virtual patches protect systems and networks by serving as an additional security layer from both known and unknown exploits. 

Trend Micro's researchers saw the price of an exploit continually drop over time until it eventually fell to zero, making the exploit progressively more accessible to more cyber criminals as time passed and allowing more malicious actors to incorporate the exploit for the vulnerability into their cyber criminal business models. 

The longevity of a valuable exploit is longer than you might reasonably expect and this is vital information for anyone who manages their organisation’s patch management program, since addressing yesterday’s popular vulnerability can often be more important than addressing today’s critical one. 

Trend Micro:      Trend Micro:   

You Might Also Read:
 

Avoiding Arrest: Cyber Criminals Share Dark Web Secrets:

 

« Microsoft Buys RiskIQ
IISS: Cyber Capabilities & National Power Rankings »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Cambray Solutions

Cambray Solutions

Cambray Solutions specializes in locating and securing technical professionals, managers, and executives.

SRI International

SRI International

SRI International is a research institute performing client-sponsored R&D in a broad range of study areas including computing and cybersecurity.

BigID

BigID

BigID is redefining personal data protection and privacy. BigID software helps companies secure their customer data & satisfy privacy regulations like GDPR.

Malware Patrol

Malware Patrol

Malware Patrol provides intelligent threat data that protects against cyber attacks.

Plixer

Plixer

Plixer delivers a network traffic analytics system used for monitoring, visualization, and reporting of network and security incidents.

IPN (ICT Research Platform Nederlands)

IPN (ICT Research Platform Nederlands)

IPN promotes academic research and education in the ICT field by building and maintaining a national community, and by developing policy to advance the field. Areas of focus include Cyber Security.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

th4ts3cur1ty.company

th4ts3cur1ty.company

th4ts3cur1ty.company specialize in delivering intelligence lead adversary emulation purple teaming & the bespoke building of Security Operation Centers.

DestructData

DestructData

DestructData is a leading independent provider of End of Life data destruction/security solutions.

MainNerve

MainNerve

MainNerve helps secure networks, applications, people, and facilities… enabling businesses to reduce risk and increase their cybersecurity posture.

Sencode Cyber Security

Sencode Cyber Security

Sencode provides a range of IT security solutions and services, including penetration testing and cyber awareness training to help mitigate the growing risks to your corporate infrastructure.

Support Link Technologies (SLT)

Support Link Technologies (SLT)

Support Link Technologies are an IT Solutions Company committed to achieving customer satisfaction through excellent customer service.

MoogleLabs

MoogleLabs

MoogleLabs leverage AI/ML, Blockchain, DevOps, and Data Science to come up with the best solutions for diverse businesses.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.

SPIE Switzerland

SPIE Switzerland

SPIE Switzerland AG, a subsidiary of the SPIE Group, is a Swiss full-service provider of ICT, multi-technical and integral facility services.

Fingerprints

Fingerprints

Fingerprints is the world-leading biometrics company. Our solutions are found in millions of devices providing safe and convenient identification and authentication with a human touch.