The gap between the vendor discovering a vulnerability and the patch getting to you will always be an issue – this is the zero-day threat. It escalates if the threat actors became aware of the vulnerability and exploits it before the vendor becomes aware.
Now research by Mandiant shows that, not unexpectedly, Microsoft, Google, Apple zero-days are the most attacked:
Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace | Mandiant
Your take away – know what equipment is used to access your information and make sure the patches are applied as soon as they become available. Do not assume that because “automatic updates” is on that the patching has been done – monitor and check.
Clive Catton MSc (Cyber Security) – by-line and other articles
Further Reading
IT Monitoring – Octagon Technology
Zero-day (computing) – Wikipedia
Please Note:
I am on the road and away from the office, so the news this week is “in brief”. You can still contact me via the contact page and Octagon Technology.
