Join/Login and make your voice heard Connect With Other Naijatipsland Members

Zero-day Vulnerabilities See Increased Targeting By Cybercriminals

Last year saw more mass compromise events arising from zero-day vulnerabilities (53 percent) than from older vulnerabilities for the first time since 2021.

The latest Attack Intelligence Report from Rapid7 also shows mass compromise events stemming from exploitation of network edge devices have almost doubled since the start of 2023, with 36 percent of widely exploited vulnerabilities occurring in network perimeter technologies. More than 60 percent of the vulnerabilities Rapid7 analyzed in network and security appliances in 2023 were exploited as zero-days.

“We’ve seen that attackers are very very good at internet exposure reconnaissance and so I think it’s fair to say at this point that if it’s on the internet attackers are going to find it,” says Caitlin Condon, director of vulnerability intelligence at Rapid7. “What we see in some of these skilled adversary attacks, the transfer attack was actually a good example of this, is that that recon plays out over the course of years sometimes before you know the zero-day is deployed and does noticeable damage.”

Another interesting finding is that 41 percent of incidents Rapid7 MDR observed in 2023 were the result of missing or unenforced multi-factor authentication (MFA) on internet-facing systems, particularly VPNs and virtual desktop infrastructure. Network edge devices are also at particular risk of exploitation.

“These are critical systems, most organizations cannot easily get rid of them,” says Condon. “If you’re an organization operating with a global employee and customer base you can’t necessarily take your VPN offline because of weakness. A lot of these things have proprietary operating systems, you can’t necessarily put EDR agents on them. And so I think you have a nice convergence of factors that make them both appealing and very in a very effective attack surface or adversaries.”

 

Image credit: Profit_Image / Shutterstock

 

0 0 votes
Article Rating
Subscribe
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Nigeria's Fast-Growing Online Forum
Logo
Verified by MonsterInsights
situs togel sydneylotto situs toto toto slot https://sih3.kepriprov.go.id/berita/ https://fast.indihome.web.id/slot/ https://uninus.ac.id/ togel online terpercaya bento4d situs toto situs toto bento4d