US Agencies & Five Eyes Reveal 2023 Top Exploited Vulnerabilities 

In a joint advisory published yesterday, the FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance released a list of the top 15 exploited vulnerabilities in 2023.

“Network defenders should pay careful attention to trends and take immediate action to ensure vulnerabilities are patched and mitigated. Exploitation will likely continue in 2024 and 2025,” the agencies say.

The report warned that in 2023, “malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.”

It also revealed that 12 out of the top 15 vulnerabilities actively abused in the wild were addressed last year, aligning with the agencies' warning that threat actors focused their attacks on zero-days.

A code injection vulnerability in NetScaler ADC / Gateway, which enables bad actors to gain remote code execution on unpatched servers, took the top spot after state hackers abused it to breach U.S. critical infrastructure organizations.

By early August 2023, this security flaw had been leveraged to backdoor at least 640 Citrix servers worldwide and over 2,000 by mid-August.

Evan Dornbush, former NSA cybersecurity expert, had this to say:

While the recommendation to patch is sage advice, it won’t have a material impact against sophisticated attackers who are increasingly reliant on zero days to gain initial access, per the joint advisory.

Instead of waiting for attackers to come at them with zero days, finding novel ways to raise the cost of conducting criminal operations would, however, produce a desirable effect. Sophos did this in its Pacific Rim project, which burned several months of effort – exploits, implants, and infrastructure – quite brilliantly. It’s time for businesses in all industries to pursue new options that disrupt the lucrative nature of criminal operations.

Patching isn’t perfect. But it is part of the solution. Things like vulnerability testing, penetration testing, tabletop exercises, and strengthening defences have to be part of the conversation. Because security has to be a holistic solution.
