In-the-Wild Exploitation of Vulnerability Follows Public Disclosure
WatchTowr’s Public Disclosure and Proof of Concept (PoC) Exploit in February 2024
The in-the-wild exploitation of a vulnerability, as tagged by the Cybersecurity and Infrastructure Security Agency (CISA), follows WatchTowr’s public disclosure of the vulnerability, along with a proof of concept (PoC) exploit, in February 2024. While it is challenging to determine if threat actors picked up WatchTowr’s PoC exploits for the said attacks, it appears the latter was aware of the risks involved in disclosures.
WatchTowr’s Stance on Disclosure
“As an industry, we believe that we’ve come to a common consensus after 25 years of circular debates – disclosure is terrible, information is actually dangerous, it’s best that it’s not shared, and the only way to really ensure that no one ever uses information in a way that you don’t like (this part is key) is to make up terms for your way of doing things,” WatchTowr had said in the blog post.
Another Critical Vulnerability Disclosed by WatchTowr
Quite interestingly, a day after the CISA alert, WatchTowr pulled the curtains on another critical vulnerability in Veeam backup servers that allowed remote code execution.
Conclusion
In conclusion, the in-the-wild exploitation of a vulnerability follows WatchTowr’s public disclosure of the vulnerability, along with a proof of concept (PoC) exploit, in February 2024. This highlights the ongoing debate surrounding the risks and benefits of public disclosure of vulnerabilities, with some experts arguing that secrecy is the best way to ensure security, while others believe that sharing vulnerability information can lead to better protection and patching.
FAQs
- What is the vulnerability that was exploited by threat actors? The article does not specify the exact nature of the vulnerability, but it mentions that it was disclosed by WatchTowr in February 2024.
- What is the proof of concept (PoC) exploit released by WatchTowr? The article does not provide details about the PoC exploit, but it mentions that it was released along with the public disclosure of the vulnerability.
- What is WatchTowr’s stance on disclosure? WatchTowr believes that disclosure is terrible and that secrecy is the best way to ensure security, as stated in their blog post.
- What is the second vulnerability disclosed by WatchTowr? A critical vulnerability in Veeam backup servers that allows remote code execution, which was disclosed a day after the CISA alert.
