There is little, if any, research that follows CVEs from zero-day status until “end of life,” which can mislead cybersecurity practitioners to believe old exploits to be harmless. New research following the lifecycle of a CVE, using recent examples from the underground, will prove that putting off patching can leave organizations susceptible to exploitation for years to come.


RSA® Conference, the world’s leading information security conferences and expositions, concluded its 30th annual event, which took place as a fully virtual experience this week. This year’s theme was Resilience, and in honor of all that the cybersecurity industry has accomplished over the past three decades, offered a must-attend celebration of thought leadership and education.


More than 20,000 people registered to view 449 sessions including, keynotes, track sessions, interactive programs, tutorials, seminars, and many special digital-first programs that focused on best practices and innovation. The content covered many of the industry’s most pressing topics, including privacy, machine learning and artificial intelligence, analytics, anti-fraud, policy and government, and risk management and governance.

Tales from the Underground: The Vulnerability Weaponization Lifecycle

Conference: RSA Conference 2021

Abstract

Post a comment

Related work

Critical Zero Days Remotely Compromise the Most Popular Real-Time OS