Key Points
The recent release of the new hacking tool ‘AutoSploit’ marks the dawn of a new era for unskilled attackers. It provides a fully-automated system for attacking targets all over the internet.
‘AutoSploit’ works by marrying up the internet indexing engine ‘Shodan’ with tools that deliver pre-packaged exploitation kits for known security weaknesses. The indexing engines are first mined for potential targets, before then being delivered to the exploitation tool for attack and compromise. Neither of these components are new, however, the worrying development AutoSploit brings over existing tools is that instead of needing to aim it at any particular target, it’s designed to go and find weak targets from anywhere. So you could easily find your systems in the firing line simply because they’re on the internet!
Happily, ‘AutoSploit’ doesn’t actually come with any new exploit code for critical vulnerabilities, it simply leverages tools that were already out there, so this isn’t something to be immediately concerned about. However, with tools like this making hacking almost like child’s play, there’s truly never been a better time to be continuously monitoring your internet-facing systems for the latest weaknesses!
Intruder’s Pro & Vanguard plans include continuous checks of clients’ systems for the most severe emerging threats, as and when they are released. In the last month, our emerging threat scans have included checks for multiple remote code execution vulnerabilities, SQL injection flaws, and 31 other new serious vulnerabilities.