The Common Vulnerabilities and Exposures (CVE) tells us the whole story just by its name — these are exposures and vulnerabilities that are common. But what happens when uncommon issues are discovered and exploited by attackers? What if attackers just want us to think they’d only exploit common issues and vulnerabilities?
Securing CVEs sounds like it should be the right place to start from. Exploring common vulnerabilities and exposure is where script kiddies start from, that’s what bots are exploiting, and none of us want to end up in the security hall of shame, set aside for organizations that were exploited and affected by ransomware, thanks to an unpatched CVE from months ago.