Hackers now exploit new vulnerabilities in just 15 minutes

Hackers are now ​​moving faster than ever when it comes to scanning vulnerability announcements from software vendors.

Threat actors are actively scanning for vulnerable endpoints within a period of just 15 minutes once a new Common Vulnerabilities and Exposures (CVE) document is published, according to Palo Alto’s 2022 Unit 42 Incident Response Report.

Getty Images

As reported by Bleeping Computer, the report stresses how hackers are always scanning software vendor bulletin boards, which is where vulnerability announcements are disclosed in the form of CVEs.

From here, these threat actors can potentially exploit these details in order to infiltrate a corporate network. It also gives them an opportunity to distribute malicious code remotely.

“The 2022 Attack Surface Management Threat Report found that attackers typically start scanning for vulnerabilities within 15 minutes of a CVE being announced,” the blog post from Palo Alto’s Unit 42 states.

With hackers becoming more dangerous than ever in recent years, it can take them mere minutes to find a weak point in their target’s system. This is naturally made much easier if they’re aided by a report detailing what exactly can be exploited.

Simply put, system administrators will basically have to expedite their process in addressing the security defects and patch them before the hackers manage to find a way in.

Bleeping Computer highlights how scanning doesn’t require a threat actor to have much experience in the activity to be effective. In fact, anyone with a rudimentary understanding of scanning CVEs can perform a search on the web for any publicly disclosed vulnerable endpoints.

They can then offer such information on dark web markets for a fee, which is when hackers who actually know what they’re doing can buy them.

Stock Depot/Getty Images

Case in point: Unit 42’s report mentioned CVE-2022-1388, a critical unauthenticated remote command execution vulnerability that was affecting F5 BIG-IP products. After the defect was announced on May 4, 2022, a staggering 2,552 scanning and exploitation attempts were detected within just 10 hours of the initial disclosure.

During the first half of 2022, 55% of exploited vulnerabilities in Unit 42 cases are attributed to ProxyShell, followed by Log4Shell (14%), SonicWall CVEs (7%), and ProxyLogon (5%).

Activity involving hackers, malware, and threat actors in general has evolved at an aggressive rate in recent months. For example, individuals and groups have found a way to plant malicious code onto motherboards that is extremely difficult to remove. Even the Microsoft Calculator app isn’t safe from exploitation.

This worrying state of affairs in the cyber security space has prompted Microsoft to launch a new initiative with its Security Experts program.

Related posts

Latest posts

AMD calls Intel’s Arrow Lake ‘horrible’

AMD just commented on its recent Ryzen 7 9800X3D CPU shortages, and the culprit is pretty unexpected.

Lenovo Legion Go S vs. Steam Deck OLED: here’s what we know so far

The Steam Deck might be amazing, but it's showing its age. Lenovo's new Legion Go S is here to duke it out at the $500 portable gaming price point.

This Chromebook is ideal for school, and it’s just $160

Looking for a super affordable Chromebook deal? This Gateway Chromebook has a full HD screen and more storage than you'd think for just $160.

Does the OnePlus 13 have a curved screen?

The OnePlus 12 and OnePlus 12R smartphones featured curved screens, but what about the new OnePlus 13? Here's what you need to know about the OnePlus 13 and OnePlus 13R's screen curvature.

These 3 monitors trends dominated CES — and surprised everyone

I saw dozens of monitors at CES this year, and these were the three surprising trends that emerged.

Quick! This HP Envy with a touchscreen is $550 off for a limited time

Best Buy has a great deal on an HP Envy with a touchscreen and a RTX 4060 GPU. It's currently $550 off but you'll need to be quick.

The stars are aligning for a perfect PC handheld — but one thing’s missing

There were major advancements in the state of handheld gaming PCs at CES 2025, but Nvidia is still completely absent from that conversation.

Sony’s flip-up XR headset costs even more than an Apple Vision Pro

Sony's expensive new XR headset for CAD design with ring and stylus controllers matches Apple Vision Pro display quality and ships soon.

Amazon has slashed the price of the MacBook Pro M4 by $250

The MacBook Pro M4 is one of the best MacBook deals around and it's currently on sale at Amazon with $250 off. Here's why you'll love it.

The Samsung Galaxy S24 Ultra is on sale ahead of Unpacked 2025

The Samsung Galaxy S24 Ultra is on sale from Samsung right now, with the 256GB model down to $1,200 from $1,300 and the 512GB model down to $1,320 from $1,420.