1
Threat Overview
CERT-In mandates 12-hour patching for internet-facing flaws to prevent AI-assisted attacks. Organizations with internet-exposed systems are affected, and the attack vector is automated vulnerability exploitation using AI tools and large language models (LLMs).
2
Key Intelligence Points
1. CERT-In issued guidelines requiring 12-hour patching for internet-exposed systems with critical security vulnerabilities.
2. The guidelines aim to safeguard against AI-assisted attacks exploiting automated vulnerability scanning and exploitation tools.
3. The attack chain involves AI tools and LLMs automating vulnerability scanning and exploitation.
4. Detection opportunities include monitoring for unusual network activity and system logs indicating automated scanning and exploitation attempts.
3
MITRE ATT&CK Techniques
T1210 - Exploitation of Remote Services
4
Mitigation & Detection
Implement 12-hour patching for internet-exposed systems with critical security vulnerabilities, and monitor for unusual network activity and system logs.
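
One way to track the 12-hour window described above, as an added example that is not part of the original brief or of any CERT-In tooling. It assumes the clock starts when the finding is detected; the hosts, vulnerability ids and timestamps are constructed sample data.

```python
from datetime import datetime, timedelta

PATCH_WINDOW = timedelta(hours=12)  # the window this page states

# Constructed sample data: hypothetical hosts, placeholder vulnerability ids.
# Fields: host, vuln, severity, internet_facing, detected, patched (None = open)
FINDINGS = [
    ("vpn-gw-01", "VULN-A", "critical", True,
     "2025-01-10T02:00:00+00:00", "2025-01-10T09:30:00+00:00"),
    ("web-02", "VULN-B", "critical", True,
     "2025-01-10T01:00:00+00:00", "2025-01-10T15:00:00+00:00"),
    ("mail-01", "VULN-C", "critical", True, "2025-01-10T06:00:00+00:00", None),
    ("api-04", "VULN-D", "critical", True, "2025-01-09T20:00:00+00:00", None),
    ("db-int-07", "VULN-E", "critical", False, "2025-01-09T00:00:00+00:00", None),
    ("web-03", "VULN-F", "medium", True, "2025-01-09T00:00:00+00:00", None),
]


def evaluate(findings, now):
    """Return (host, vuln, status, margin_hours) rows, most urgent first.

    Only internet-facing, critical findings are in scope. A negative margin
    is the number of hours by which the deadline was or is being missed.
    Assumption: the window starts at the detection timestamp.
    """
    rows = []
    for host, vuln, severity, exposed, detected, patched in findings:
        if not (exposed and severity.lower() == "critical"):
            continue  # internal or lower-severity findings are out of scope
        deadline = datetime.fromisoformat(detected) + PATCH_WINDOW
        if patched is not None:
            end = datetime.fromisoformat(patched)
            status = "met" if end <= deadline else "breached"
        else:
            end = now  # still open: measure against the current time
            status = "open" if now <= deadline else "overdue"
        margin_h = round((deadline - end).total_seconds() / 3600, 1)
        rows.append((host, vuln, status, margin_h))
    return sorted(rows, key=lambda r: r[3])


if __name__ == "__main__":
    # Fixed "now" so the output is reproducible.
    now = datetime.fromisoformat("2025-01-10T12:00:00+00:00")
    for row in evaluate(FINDINGS, now):
        print("%-10s %-7s %-9s %+.1f h" % row)
```

Rows with status "overdue" are the ones needing immediate action; "breached" rows were patched late and belong in the compliance record.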