Were telcos tipped off to *that* ancient Telnet bug? Cyber pros say the signs stack up

Summary

Threat intelligence firm GreyNoise suggests that telecommunications companies may have been tipped off about a critical Telnet vulnerability (CVE-2024-2035) before its public disclosure in January. The suggestion rests on port filtering and traffic patterns observed in the lead-up to the public announcement, which indicate possible privileged information sharing.

IFF Assessment

FOE

Advance warning to select parties enables potential attackers to exploit the vulnerability before widespread patching.

Severity

9.8 Critical

Defender Context

This situation highlights the potential for an uneven playing field in vulnerability disclosure. Defenders need to monitor network traffic for suspicious activity related to known vulnerabilities even before public announcements, and to prioritize patching based on observed exploitation attempts, not just public disclosure dates. This necessitates robust threat intelligence and anomaly detection capabilities.
