News Insights: Boy, that Escalated Quickly - How Zero-Day Disclosures Alter Attacker Strategy

Caleb Gross, Director of Capability Development, gives his insight on the dynamics of exploit creation and execution and what organizations can do to not only mitigate risk from this event, but also stay focused on minimizing exposure across the business.

With news continuing to break regarding a string of critical vulnerabilities in Ivanti VPN products, including a third this week, the speed at which vulnerabilities can move from disclosure to “broad exploitation activity” was yet again on full and unsettling display. The urgency was further driven home when CISA issued an alert directing all Federal agencies to, “as soon as possible and no later than 11:59PM on Friday February 2, 2024, disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure solution products from agency networks.”

The scenario, while headline-grabbing, is all too common. Thus begins another race for organizations to determine usage and exposure, and take corrective action. A horde of threat actors is sure to respond immediately and cast a wide net to secure as many footholds on corporate networks as possible for sale to criminal or state-sanctioned groups. Others may use the chaos as cover while security teams are distracted from other weaknesses.

While many will look at the actors most likely to exploit or the race to patch, we decided to ask our Director of Capability Development, Caleb Gross, to plumb his expertise on the dynamics of exploit creation and execution and what organizations can do to not only mitigate risk from this event, but also stay focused on minimizing exposure across the business.



About the author, Caleb Gross

Director of Capability Development

Caleb Gross is the Director of Capability Development at Bishop Fox, where he leads a team of offensive security professionals specializing in attack surface research and vulnerability intelligence. Prior to coming to Bishop Fox, he served as an exploitation operator in the US Department of Defense's most elite computer network exploitation (CNE) unit. As a top-rated military officer, Caleb led an offensive operations team in the US Air Force's premier selectively manned cyber attack squadron.