It’s well-known that zero-day vulnerabilities pose critical security risks until an effective patch is issued. But, patching a vulnerability doesn’t guarantee that an environment hasn’t already been exploited. It’s possible, even likely, that attackers found that zero-day vulnerability long before it was discovered or disclosed. Public disclosure is often delayed until patches are available, so attackers may have been in your environment for months, or even years, waiting for the right time to use the access they gained. This is especially important given the potential threats of cyber warfare from Russian threat actors, nation-state and criminal alike, launched against Ukraine and their supporters.