In a joint advisory published yesterday, the FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance released a list of the top 15 exploited vulnerabilities in 2023.
“Network defenders should pay careful attention to trends and take immediate action to ensure vulnerabilities are patched and mitigated. Exploitation will likely continue in 2024 and 2025,” the agencies say.
The report warned that in 2023, “malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.”
It also revealed that 12 of the top 15 vulnerabilities actively abused in the wild were addressed last year, aligning with the agencies' warning that threat actors focused their attacks on zero-days.
A code injection vulnerability in NetScaler ADC / Gateway that enables bad actors to gain remote code execution on unpatched servers took the top spot after state hackers abused it to breach U.S. critical infrastructure organizations.
By early August 2023, this security flaw had been leveraged to backdoor at least 640 Citrix servers worldwide, and over 2,000 by mid-August.
Evan Dornbush, a former NSA cybersecurity expert, had this to say:
While the recommendation to patch is sage advice, it won’t have a material impact against sophisticated attackers who are increasingly reliant on zero days to gain initial access, per the joint advisory.
Instead of waiting for attackers to come at them with zero days, finding novel ways to raise the cost of conducting criminal operations would, however, produce a desirable effect. Sophos did this in its Pacific Rim project, which burned several months of effort – exploits, implants, and infrastructure – quite brilliantly. It’s time for businesses in all industries to pursue new options that disrupt the lucrative nature of criminal operations.
Patching isn’t perfect. But it is part of the solution. Things like vulnerability testing, penetration testing, tabletop exercises, and strengthening defences have to be part of the conversation. Because security has to be a holistic solution.
SurePath AI Announces Over $5 Million in Seed Funding
Posted in Commentary with tags SurePath AI on November 14, 2024 by itnerd

SurePath AI, a leader in governing generative AI for the enterprise, today announced the successful closure of a $5.2 million seed funding round led by Uncork Capital with significant participation from Operator Collective, bringing the company’s total funding to $6.3 million. SurePath AI’s mission is to enable secure GenAI adoption by detecting usage, mitigating risks, and controlling AI access to enterprise data so that organizations can bolster innovation and productivity.
SurePath AI gives organizations much-needed visibility and control of GenAI use across public and private models. Its role-based access controls decide what data leaves an organization and which models and data sources end-users can access. As a result, organizations can detect GenAI use at a network level, mitigate the risk of public GenAI services, supervise private models, and control access to context data sources—all through a single policy engine integrated with existing security solutions.
SurePath AI’s key capabilities include:
Founded in 2023, when organizations were choosing between blocking or allowing GenAI, SurePath AI set out to develop a robust platform that removes the complexity of GenAI governance, provides visibility into Shadow AI use, and securely increases GenAI adoption. Shortly after, the SurePath AI platform was successfully launched at AWS re:Inforce 2024.
To learn more about SurePath AI’s approach to secure GenAI adoption, please visit surepath.ai.