Hackers exploit zero day before enterprises can patch

Cybercriminals exploited the new CVE-2021-40444 remote code execution zero-day a week before the patch was issued on September 14, according to the latest report from HP Wolf Security. Researchers also saw scripts that automated the creation of the exploit on Github on the 10th, making it easier for less-sophisticated attackers to use the exploit against vulnerable organisations. This illustrates the trend of cybercriminals moving faster than ever to exploit zero-days, while businesses take 97 days on average to implement patches, creating a window of vulnerability. The latest Threat Insights Report reveals the use of JavaScript downloaders to evade detection tools,… [Continue Reading]