About 5.5% of identified vulnerabilities are used to carry out attacks

A group of researchers from Virginia Tech, Cyentia and RAND has published the results of a risk analysis of different vulnerability remediation strategies. After studying 76 thousand vulnerabilities found from 2009 to 2018, they found that only 4183 of them (5.5%) were used to carry out real attacks. The resulting figure is five times higher than previously published estimates, which put the share of exploitable problems at about 1.4%.

However, no correlation was found between the publication of exploit prototypes in the public domain and attempts to exploit a vulnerability. Of all the cases of vulnerability exploitation known to the researchers, an exploit prototype for the problem had previously been published in open sources in only half of them. The lack of an exploit prototype does not stop attackers, who create exploits themselves when necessary.

Other conclusions include that exploitation is in demand mainly for vulnerabilities with a high severity level under the CVSS classification. Almost half of the attacks used vulnerabilities with a severity of at least 9.

The total number of exploit prototypes published during the period under review was estimated at 9726.
Collections: Exploit DB, Metasploit, D2 Security's Elliot Kit, Canvas Exploitation Framework, Contagio, Reversing Labs and Secureworks CTU.
Information about vulnerabilities was obtained from the NIST NVD (National Vulnerability Database). Exploitation data was compiled using information from FortiGuard Labs, SANS Internet Storm Center, Secureworks CTU, Alienvault's OSSIM and ReversingLabs.

The study was conducted to determine the optimal balance between applying updates whenever any vulnerability is identified and fixing only the most dangerous problems. In the first case, a high level of protection is ensured, but large resources are required to maintain the infrastructure, and they are spent mainly on fixing insignificant problems. In the second case, there is a high risk of missing a vulnerability that can be used for an attack. The study showed that when deciding whether to install an update that fixes a vulnerability, you should not rely on the absence of a published exploit prototype, and that the chance of exploitation depends directly on the severity level of the vulnerability.

Source: opennet.ru