CERT-In professes 12-hour patching for AI-assisted attacks

India's Computer Emergency Response Team (CERT-In) says defenders should endevor to patch or mitigate exploited n-day vulnerabilities within 12 hours as the cybercrime landscape continues its AI-ification.

The organization's recommended half-day window applies only to bugs that affect internet-facing or "crown jewel" systems and are known to be exploited.

In these cases, CERT-In told defenders to "patch, mitigate, or remove exposure within 12 hours where feasible."

For other flaws, such as a standard critical vulnerability (CVSS 9.0 or higher) affecting an internal system, or a known exploited bug affecting an internal system, defenders can enjoy a much more leisurely 24-hour window.

The revised suggestions come as part of a new guide released by CERT-In this week to help infosec pros better protect against AI-assisted cyberattacks.

"AI-assisted cyber exploitation reduces the time required for adversaries to identify, weaponize, and exploit vulnerabilities, exposed services, weak identities, insecure APIs, and misconfigured systems," CERT-In's ...

Copyright of this story solely belongs to theregister.com. To see the full text click HERE