Jump to content
  • Sign Up
×
×
  • Create New...

Zero-day exploits increasingly sought out by attackers

Pelican Press

By Pelican Press,
in World News

 Share

Recommended Posts

  • Diamond Member
Pelican Press Warlord

Pelican Press 0

Posted
  • Diamond Member
Posted

This is the hidden content, please

Zero-day exploits increasingly sought out by attackers

Threat actors – both state-backed and financially-motivated – are increasingly taking advantage of previously unknown vulnerabilities, or

This is the hidden content, please
, to compromise their victims before fixes or patches are made available by the tech industry, according to a new advisory published by the Five Eyes cyber agencies, including the ***’s
This is the hidden content, please
(NCSC) and the ******* States’
This is the hidden content, please
(CISA).

The agencies have collectively drawn up a list of the 15 most exploited vulnerabilities of 2023 and found that the majority of exploited vulnerabilities were zero-days compared to less than half in 2022. The trend has continued through 2024, said the NCSC.

The NCSC said that defenders needed to up their game when it comes to vulnerability management, paying particular attention to applying updates as quickly as possible when they do arrive, and to making sure they have identified all the potentially affected IT assets in their estates.

The organisation also urged suppliers and developers to do more to implement secure-by-design principles into their products, something that the Five Eyes governments – Australia, Canada, New Zealand, the *** and the ******* States – have become particularly vocal about in the past 18 months. Doing so helps reduce the risk of vulnerabilities being accidentally introduced during development, only to be taken advantage off further down the line.

“More routine initial exploitation of zero-day vulnerabilities represents the new normal which should concern end-user organisations and vendors alike as malicious actors seek to infiltrate networks,” said NCSC chief technology officer (CTO) Ollie Whitehouse.

“To reduce the risk of compromise, it is vital all organisations stay on the front foot by applying patches promptly and insisting upon secure-by-design products in the technology marketplace,” said Whitehouse.

“We urge network defenders to be vigilant with vulnerability management, have situational awareness in operations and call on product developers to make security a core component of product design and life-cycle to help stamp out this insidious game of whack-a-mole at source,” he added.

The full list of the vulnerabilities most frequently exploited during 2023 is as follows:

  • This is the hidden content, please
    , a code injection flaw in Citrix NetScaler ADC and NetScaler Gateway;
  • This is the hidden content, please
    , a buffer overflow vulnerability in Citrix NetScaler ADC and NetScaler Gateway,
    This is the hidden content, please
    ;
  • This is the hidden content, please
    , an elevation of privilege (EoP) issue in Cisco IOS XE Web UI;
  • This is the hidden content, please
    , a web UI command injection bug in Cisco IOS XE;
  • This is the hidden content, please
    , a heap-based buffer overflow flaw in Fortinet FortiOS and FortiProxy SSL-VPN;
  • This is the hidden content, please
    , a SQL injection vulnerability in Progress MOVEit Transfer, infamously exploited by the Cl0p ransomware gang, the fall-out from which is still being felt;
  • This is the hidden content, please
    , a broken access control vuln it Atlassian Confluence Data Center and Server;
  • This is the hidden content, please
    , a remote code ********** (RCE) issue in Apache Log4j2, aka Log4Shell, the source of a major incident at the end of 2021 and still being widely-abused years later;
  • This is the hidden content, please
    , an improper input validation flaw in Barracuda Networks ESG Appliance;
  • This is the hidden content, please
    , an RCE issue in Zoho ManageEngine;
  • This is the hidden content, please
    , an improper access control vulnerability in PaperCut MF/NG;
  • This is the hidden content, please
    , an EoP vuln in
    This is the hidden content, please
    Netlogon, the source of another high-profile historic incident that there is now no excuse for not having addressed;
  • This is the hidden content, please
    , an authentication bypass flaw in JetBrains TeamCity;
  • This is the hidden content, please
    , an EoP issue in
    This is the hidden content, please
    Office
    This is the hidden content, please
    ,
    This is the hidden content, please
    ;
  • And last but not least,
    This is the hidden content, please
    , an information disclosure vuln in ownCloud graphapi.

The full list, which can be

This is the hidden content, please
, also contains details of a number of other issues that were observed being routinely exploited during 2023, prominent among them two vulnerabilities in Ivanti products disclosed in August 2023, and the infamous Fortra GoAnywhere flaw exploited, yet again, by the Cl0p gang.



This is the hidden content, please

#Zeroday #exploits #increasingly #sought #attackers

This is the hidden content, please

This is the hidden content, please


Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Vote for the server

    To vote for this server you must login.

    Jim Carrey Flirting GIF

  • Recently Browsing   0 members

    • No registered users viewing this page.

Important Information

Privacy Notice: We utilize cookies to optimize your browsing experience and analyze website traffic. By consenting, you acknowledge and agree to our Cookie Policy, ensuring your privacy preferences are respected.

  I accept