Wednesday, December 4, 2024
Wednesday, December 4, 2024
Home » Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance

Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance

by Sang Achariya
0 comment 9 views


The cybersecurity agencies of the Five Eyes intelligence alliance (the U.S., U.K., Australia, Canada and New Zealand) issued a warning on Tuesday that hackers were increasingly exploiting zero-day vulnerabilities to access their targets’ networks.

It marks a significant departure from similar advisories issued in 2022 and 2021, when the agencies warned that malicious cyber actors were exploiting older software vulnerabilities more frequently than recently disclosed ones.

In a co-authored advisory, the agencies list the top 15 most routinely exploited vulnerabilities of 2023, with CVE-2023-3519 — an issue affecting Citrix’s networking product NetScalers — being the most widely used.

Reports around the time the NetScalers bug was patched warned that an adversary, with what Mandiant believed may have a China-nexus, used the flaw to compromise thousands of devices in an automated fashion, placing webshells on them to gain persistent access.

Other widely exploited vulnerabilities included a critical vulnerability affecting Cisco routers, another in Fortinet VPN equipment and one affecting the MOVEit file transfer tool that was widely exploited by the Clop ransomware gang.

The advisory notes that, for the first time since the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and partners began sharing this annual list, the majority of these vulnerabilities contained on it were initially exploited as zero-days. 

Although the advisory only covers last year, the trend of zero-day exploitation has continued into 2024 according to Britain’s National Cyber Security Centre (NCSC), marking “a shift from 2022 when less than half of the top list was initially exploited as zero-day vulnerabilities.”

Ollie Whitehouse, the NCSC’s chief technology officer, warned: “More routine initial exploitation of zero-day vulnerabilities represents the new normal which should concern end-user organizations and vendors alike as malicious actors seek to infiltrate networks.

“To reduce the risk of compromise, it is vital all organizations stay on the front foot by applying patches promptly and insisting upon secure-by-design products in the technology marketplace,” said Whitehouse.

Source

You may also like

Hanoi Observer LLC is a global leader in the online news. We seek to inform and engage with our readers. Staffed 24 hours, seven days a week by a dedicated team around the globe, we deliver news from journalists around the world. We are contrarian truth-seekers and truthtellers. We are journalists united by a mission to inform and engage with our readers.

We bear witness to history as it unfolds and explain not just what happened, why it happened and what it means to our readers and the public.

We are contrarian, we are committed to the news, speaking truth to power.

Hanoi Observer, A Media Company – All Right Reserved.