Lazy security makes life easy for hackers

They’re not even being presented with a challenge…

A study of internet security flaws has revealed that half of vulnerable systems remain unfixed after 30 days – making life easy for hackers. The data – released at the Black Hat Briefings security conference in Las Vegas – also showed that some flaws don’t completely die out over time but actually make a comeback.

The vulnerabilities exploited by the Code Red and SQL Slammer worms, for example, are allowing those threats to reassert themselves on the internet, said Gerhard Eschelbeck, chief technology officer for vulnerability-assessment company Qualys. “There is something going on that is bringing vulnerabilities back to life,” Eschelbeck said, adding that the main theory is that companies continue to install systems that include out-of-date software.

The study, which correlates nearly 1.5 million scans done by Qualys over a year and a half, underscores the need for customers to be more proactive about patching systems and for software makers to weed out vulnerabilities during development.

OODA Analyst