Removing the background noise from the Internet can give security analysts the context necessary to find the attacks that matter, says GreyNoise founder Andrew Morris.
There are still nearly 30,000 Exchange servers vulnerable to the ProxyLogon bug, with ransomware attacks and public exploits circulating.
Full chain exploits are in use against a critical flaw (CVE-2021-22986) in the F5 BIG-IP system.
Extending the requirement for vulnerability disclosure policies from federal agencies to their suppliers is not a quick fix for supply chain security issues.
The attackers behind the SolarWinds breach also gained access to and downloaded some Mimecast source code repositories.