Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Hack the hackers: Eavesdrop for intel on emerging threats

Fahmida Y. Rashid | June 17, 2016
Listening to online chatter in hacker forums can give you a jump on juicy vulnerabilities your vendor hasn't fixed.

Defenders should keep an eye on their networks for increased scanning activity. An increase indicates the likelihood there are discussions on how to trigger vulnerabilities. For example, Recorded Future noted that scanning against the Groovy scripting engine in Elasticsearch started “almost immediately” after the disclosure of a remote code execution vulnerability. Forums were talking about ways to exploit and maintain persistence on compromised systems “over and over,” Gundert says.

Remote code execution flaws tend to trigger online chatter almost immediately. Local exploits, those that require the attacker to somehow gain a foothold on the device first, appear to not generate as much chatter.

 

Previous Page  1  2  3  4 

Sign up for CIO Asia eNewsletters.