{"id":41886,"date":"2021-07-13T00:00:00","date_gmt":"2021-07-13T00:00:00","guid":{"rendered":"https:\/\/www.trendmicro.com\/en_us\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-pat.html"},"modified":"2021-07-13T00:00:00","modified_gmt":"2021-07-13T00:00:00","slug":"the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/","title":{"rendered":"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-641.jpg\"><!-- Begin mPulse library --><!-- END mPulse library --> <head> <meta charset=\"UTF-8\"> <meta name=\"viewport\" content=\"width=device-width\"> <meta name=\"description\" content=\"Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. We detail our findings in our research paper \u201cThe Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground.\u201d \"> <meta name=\"robots\" content=\"index,follow\"> <meta name=\"keywords\" content=\"cyber crime,research,exploits &amp; vulnerabilities,articles, news, reports\"> <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\"> <meta name=\"template\" content=\"article1withouthero\"> <meta property=\"article:published_time\" content=\"2021-07-13\"> <meta property=\"article:tag\" content=\"exploits &amp; vulnerabilities\"> <meta property=\"article:section\" content=\"research\"> <link rel=\"icon\" type=\"image\/ico\" href=\"\/content\/dam\/trendmicro\/favicon.ico\"> <link rel=\"canonical\" href=\"https:\/\/www.trendmicro.com\/en_us\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-pat.html\"> <title>The Underground Exploit Market and the Importance of Virtual Patching<\/title> <link href=\"https:\/\/fonts.googleapis.com\/css?family=Open+Sans:300,300i,400,400i,600\" rel=\"stylesheet\">\n<link href=\"\/\/customer.cludo.com\/css\/296\/1798\/cludo-search.min.css\" type=\"text\/css\" rel=\"stylesheet\"> <link rel=\"stylesheet\" href=\"\/etc.clientlibs\/trendresearch\/clientlibs\/clientlib-trendresearch.min.css\" type=\"text\/css\"> <meta property=\"og:url\" content=\"https:\/\/www.trendmicro.com\/en_us\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-pat.html\"><br \/>\n<meta property=\"og:title\" content=\"The Underground Exploit Market and the Importance of Virtual Patching\"><br \/>\n<meta property=\"og:description\" content=\"Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. We detail our findings in our research paper \u201cThe Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground.\u201d \"><br \/>\n<meta property=\"og:site_name\" content=\"Trend Micro\"><br \/>\n<meta property=\"og:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-641.jpg\"><br \/>\n<meta property=\"og:locale\" content=\"en_US\"> <meta name=\"twitter:card\" content=\"summary_large_image\"><br \/>\n<meta name=\"twitter:site\" content=\"@TrendMicro\"><br \/>\n<meta name=\"twitter:title\" content=\"The Underground Exploit Market and the Importance of Virtual Patching\"><br \/>\n<meta name=\"twitter:description\" content=\"Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. We detail our findings in our research paper \u201cThe Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground.\u201d \"><br \/>\n<meta name=\"twitter:image\" content=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-641.jpg\"> <\/head> <body class=\"articlepage page basicpage context-business\" id=\"readabilityBody\" readability=\"49.134296415195\"> <!-- Page Scroll: Back to Top --> <a id=\"page-scroll\" title=\"VerticalPageScroll\" href=\"javascript:jumpScroll($(this).scrollTop());\"> <span class=\"icon-chevron-up\"><\/span> <\/a> <!-- \/* Data Layer *\/ --> <\/p>\n<div class=\"root responsivegrid\">\n<div class=\"aem-Grid aem-Grid--12 aem-Grid--default--12 \">\n<div class=\"articleBodyNoHero aem-GridColumn aem-GridColumn--default--12\">\n<div class=\"research-layout article container\" role=\"contentinfo\">\n<article class=\"research-layout--wrapper row\" data-article-pageid=\"804837813\">\n<div class=\"col-xs-12 col-md-12 one-column\">\n<div class=\"col-xs-12 col-md-12\" readability=\"11\">\n<div class=\"article-details\" role=\"heading\" readability=\"42\"> <span class=\"article-details__bar\" role=\"img\"><\/span> <\/p>\n<p class=\"article-details__display-tag\">Exploits &amp; Vulnerabilities<\/p>\n<p class=\"article-details__description\">Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. <\/p>\n<p class=\"article-details__author-by\">By: Trend Micro Research <time class=\"article-details__date\">July 13, 2021<\/time> <span>Read time:&nbsp;<\/span><span class=\"eta\"><\/span> (<span class=\"words\"><\/span> words) <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<hr class=\"research-layout-divider\"> <main class=\"main--content col-xs-12 col-md-8 col-md-push-2\"> <\/p>\n<div class=\"richText\" readability=\"48.844015882019\">\n<div readability=\"46.026091888826\">\n<p>Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. We detail our findings in our research paper <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/trends-and-shifts-in-the-underground-n-day-exploit-market\">\u201cThe Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground.\u201d<\/a><\/p>\n<p>In this blog entry, we discuss several of our findings and recommend a security solution that can help organizations defend their systems against exploits by affording them time to properly implement patches.<\/p>\n<p>Exploits for zero-day or unpatched vulnerabilities can be a cause of great distress for many organizations. They\u2019re difficult to detect and, without patches addressing the exploited vulnerabilities, well nigh impossible to thwart under normal circumstances. It\u2019s not surprising, then, that such exploits fetch very high prices in the underground \u2014 typically exceeding US$10,000 for a working zero-day exploit.<\/p>\n<p>Once a vulnerability is discovered, and especially once an exploit for it is developed, the vendor of the affected product finds itself in a race for time to issue a security patch. Once a patch is released, the value of the exploit, which is now an N-day exploit, drops drastically, and its price is likely to be reduced by half or more in just a few months.<\/p>\n<p>An example is the exploit for the Zyxel network-attached storage (NAS) vulnerability <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-9054\">CVE-2020-9054<\/a>. Initially sold on a Russian-language underground forum for US$20,000 in February 2020, it was advertised as an N-day exploit the following May for US$10,000. By August, at least one request for the exploit offered up to US$2,000.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-1.png\" alt=\"Figure 1. The life cycle of an exploit for the Zyxel NAS vulnerability CVE-2020-9054\"><figcaption>Figure 1. The life cycle of an exploit for the Zyxel NAS vulnerability CVE-2020-9054<\/figcaption><\/figure>\n<\/p><\/div>\n<div>\n<div class=\"richText\" readability=\"42\">\n<div readability=\"29\">\n<p>It\u2019s but natural for an exploit to lose value over time: The longer the patch for the exploited vulnerability has been out, the larger the number of affected users who have updated their machines becomes. However, this does not mean that exploits are rendered useless past a certain window. Given that not all organizations and individual users are able \u2014 or even willing \u2014 to patch their systems, old exploits continue to be used by malicious actors. Often such exploits are bundled together as a package to make them more enticing to potential buyers, who can then choose which exploits to use depending on their needs.<\/p>\n<p>Unsurprisingly, popular software products figure prominently in the most requested and sold exploits in the underground. Exploits for Microsoft products, in particular, had the lion\u2019s share of the market in our findings, with Microsoft Office, Microsoft Windows, Microsoft Remote Desktop Protocol (RDP), Internet Explorer, and Microsoft SharePoint accounting for at least 47% of requests and at least 51% of sales. The combination alone of Microsoft Word and Microsoft Excel, two of the most widely used office applications in the world, made up 46% of Microsoft-related exploits requested and 52% of Microsoft-related exploits sold.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-2.png\" alt=\"Figure 2. A comparison of the distribution of affected products in exploits requested and sold by users on cybercriminal underground forums\"> <\/figure>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-3.png\" alt=\"Figure 2. A comparison of the distribution of affected products in exploits requested and sold by users on cybercriminal underground forums\"><figcaption>Figure 2. A comparison of the distribution of affected products in exploits requested and sold by users on cybercriminal underground forums<\/figcaption><\/figure>\n<\/p><\/div>\n<div class=\"image\">\n<figure class=\"image-figure\"> <img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-patching\/underground-market-virtual-patching-4.png\" alt=\"Figure 3. A comparison of exploits for Microsoft products requested and sold by users on cybercriminal underground forums\"><figcaption>Figure 3. A comparison of exploits for Microsoft products requested and sold by users on cybercriminal underground forums<\/figcaption><\/figure>\n<\/p><\/div>\n<div class=\"richText\" readability=\"43.140931372549\">\n<div readability=\"35.797794117647\">\n<p>Notably, exploits for <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/definition\/internet-of-things\">internet-of-things (IoT)<\/a> devices made up only 5% of requests and 6% of sales. However, considering the increasing number of IoT devices \u2014 and the relative difficulty of patching them \u2014 we can only expect these numbers to go up.<\/p>\n<p>In an ideal world, organizations would be able to apply security updates as soon as they become available, minimizing the attack surface that malicious actors could use to compromise systems. But this is rarely the case in real-world scenarios, where patching often takes plenty of time and resources \u2014 especially for large organizations, companies that have decentralized systems, and enterprises that use customized versions of stock software.<\/p>\n<p>Fortunately, certain security technologies have the ability to apply <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/security-technology\/security-101-virtual-patching\">virtual patching<\/a>. Adding an additional security measure against threats that exploit vulnerabilities, virtual patching is the implementation of security policies and rules that prevent exploits from being able to take network paths to and from a vulnerability.<\/p>\n<p>Virtual patching offers a number of advantages, such as reducing the downtime needed to roll out patching and providing flexibility in patch management. But perhaps the most important benefit of virtual patching is that it buys additional time for an organization to assess vulnerabilities and apply the necessary patches.<\/p>\n<p>For the full details of our findings on the underground exploit market and more information on virtual patching, read our research paper <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/vulnerabilities-and-exploits\/trends-and-shifts-in-the-underground-n-day-exploit-market\">\u201cThe Rise and Imminent Fall of the N-Day Exploit Market in the Cybercriminal Underground.\u201d<\/a> &nbsp;<\/p>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<section class=\"tag--list\">\n<p>Tags<\/p>\n<\/section>\n<p> <\/main> <\/article>\n<\/div>\n<\/div><\/div>\n<\/div>\n<p> <!-- \/* Core functionality javascripts, absolute URL to leverage Akamai CDN *\/ --> <!--For Modal-start--> <\/p>\n<p> <span>sXpIBdPeKzI9PC2p0SWMpUSM2NSxWzPyXTMLlbXmYa0R20xk<\/span> <\/p>\n<p> <!--For Modal-end--> <!-- Go to www.addthis.com\/dashboard to customize your tools --> <\/body> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/21\/g\/the-underground-exploit-market-and-the-importance-of-virtual-pat.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":41887,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9461,1047,9467,842],"class_list":["post-41886","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-articles-news-reports","tag-cyber-crime","tag-exploitsvulnerabilities","tag-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The Underground Exploit Market and the Importance of Virtual Patching Trend Micro 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-13T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png\" \/>\n\t<meta property=\"og:image:width\" content=\"971\" \/>\n\t<meta property=\"og:image:height\" content=\"318\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro\",\"datePublished\":\"2021-07-13T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/\"},\"wordCount\":841,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png\",\"keywords\":[\"Articles, News, Reports\",\"Cyber Crime\",\"Exploits&amp;Vulnerabilities\",\"Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/\",\"name\":\"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png\",\"datePublished\":\"2021-07-13T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/07\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png\",\"width\":971,\"height\":318},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Articles, News, Reports\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/articles-news-reports\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/","og_locale":"en_US","og_type":"article","og_title":"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-07-13T00:00:00+00:00","og_image":[{"width":971,"height":318,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png","type":"image\/png"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro","datePublished":"2021-07-13T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/"},"wordCount":841,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png","keywords":["Articles, News, Reports","Cyber Crime","Exploits&amp;Vulnerabilities","Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/","url":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/","name":"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png","datePublished":"2021-07-13T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/07\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro.png","width":971,"height":318},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/the-underground-exploit-market-and-the-importance-of-virtual-patching-trend-micro\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Articles, News, Reports","item":"https:\/\/www.threatshub.org\/blog\/tag\/articles-news-reports\/"},{"@type":"ListItem","position":3,"name":"The Underground Exploit Market and the Importance of Virtual Patching Trend Micro"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=41886"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/41886\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/41887"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=41886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=41886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=41886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}