GreyNoise Intelligence Dives Deep into the Cybersecurity Landscape with its 2022 Mass Exploitation Report
Saturday, February 4, 2023
Offers Insight into the Most Significant Threat Detection Events of 2022
WASHINGTON, Dec. 19, 2022 /PRNewswire-PRWeb/ -- GreyNoise Intelligence, the cybersecurity company analyzing internet scanning traffic to separate threats from background noise, today unveiled its inaugural 2022 Mass Exploitation Report, a research report that dives deep into the most significant Threat Detection events of the past 12 months.
"When it comes to cybersecurity, not all vulnerabilities are created equal, and many of the ones that garner media attention actually turn out to be insignificant," said Bob Rudis, Vice President Research & Data Science, GreyNoise Intelligence. "GreyNoise is in a unique position to help organizations understand what technologies are under mass exploitation, and provides critical tools and data to help security analysts prioritize patching, identify and block malicious sources with confidence, and stay ahead of adversaries."
GreyNoise added over 230 new detection tags in 2022, representing an increase of approximately 38% from 2021. For its 2022 Mass Exploitation Report, GreyNoise researchers provide insights into:
-- The celebrity vulnerability hype cycle, with a breakdown of the
CVE-2022-1388, an F5 Big-IP iControl REST Authentication Bypass
-- How hard attackers will work to never let a critical vulnerability go to
waste by looking at the depth and breadth of CVE-2022-26134, a critical
weakness in Atlassian Confluence
-- The impact of the CISA Known Exploited Vulnerabilities catalog releases
on defenders
In addition to insights about the most significant threat detection events of 2022, the 2022 Mass Exploitation Report offers predictions for 2023 from GreyNoise VP Data Science Bob Rudis:
-- Expect daily, persistent internet-facing exploit attempts. "We see Log4j
attack payloads every day. It's part of the new 'background noise' of
the internet, and the exploit code has been baked into numerous kits
used by adversaries of every level. It's very low risk for attackers to
look for newly-exposed or re-exposed hosts, with the weakness unpatched
or unmitigated. This means organizations must continue to be deliberate
and diligent when placing services on the internet."
-- Expect more post-initial access internal attacks. "CISA's database of
software affected by the Log4j weakness stopped receiving regular
updates earlier this year. The last update showed either 'Unknown' or
'Affected' status for ~35% (~1,550) of products cataloged. Attackers
know that existing products have embedded Log4j weaknesses, and have
already used the exploit in ransomware campaigns. If you have not yet
dealt with your internal Log4j patching, early 2023 would be a good time
to do so."
-- Expect at least a handful of headline-grabbing Log4j-centric attacks.
"Organizations have to strive for perfection, while attackers need only
persistence and luck to find that one device or service that is still
exposing a weakness. We will see more organizations impacted by this,
and it is vital you do what you can to ensure yours isn't one of them."
To request a copy of the GreyNoise 2022 Mass Exploitation Report, please visit https://www.greynoise.io/resources/greynoise-2022-mass-exploitation-report.
About GreyNoise Intelligence GreyNoise is THE source for understanding internet noise. We collect, analyze and label data on IPs that saturate security tools with noise. This unique perspective helps analysts waste less time on irrelevant or harmless activity, and spend more time focused on targeted and emerging threats. GreyNoise is trusted by Global 2000 enterprises, government organizations, top security vendors and tens of thousands of threat researchers. For more information, please visit https://www.greynoise.io/, and follow us on Twitter and LinkedIn.
Media Contact
Bob Rudis, GreyNoise Intelligence, 1 (202) 630-2906, bob@greynoise.io
Rebecca West, Helium Communications, (415) 260-6094, rebecca@heliumcommunications.net
SOURCE GreyNoise Intelligence
|
|
|
|
|
 |
Identiv Completes Thailand Manufacturing Transition, Unlocking Next-Generation Multicomponent Manufacturing for Advanced IoT Solutions | Jan 22, 2026
|
|
New Report Names States Most Vulnerable to Holiday Scams | Jan 22, 2026
|
|
Truvista Fiber Acquires SlyTel | Jan 22, 2026
|
|
Android Mobile Adware Surges in Second Half of 2025 | Jan 22, 2026
|
|
Breakthrough Progress: METiS TechBio Publishes Consecutive Research Findings in Nature Communications and the Journal for ImmunoTherapy of Cancer | Jan 22, 2026
|
|
Guardz 2025 SMB Cybersecurity Report: Nearly 50% of U.S. Small Businesses Have Been Hit by Cyber Attack | Jan 22, 2026
|
|
Healthcare Industry Executives are Likely to be Personal Targets of Cybercrime | Jan 22, 2026
|
|
pgEdge Announces pgEdge Agentic AI Toolkit for Postgres | Jan 22, 2026
|
|
LG ELECTRONICS INTRODUCES 2026 LG GRAM LINEUP ELEVATED BY AEROMINUM | Jan 22, 2026
|
|
Global Cyber Alliance Identifies Five Cybersecurity Forces That Defined 2025 - And Will Shape 2026 | Jan 22, 2026
|
|
|
