Cybercriminals Are Becoming More Proficient at Exploiting Vulnerabilities

According to Fortinet, cybercriminals have their sights on the increasing number of new vulnerabilities triggered by the expansion of online services and applications, as well as the rapid rise in the number and variety of connected devices.
It's only inevitable that assaults targeting those vulnerabilities will increase.
The most recent semiannual report provides a snapshot of the active threat landscape and highlights trends from July to December 2023, including an analysis of the rate at which cyber criminals are capitalising on newly discovered exploits from across the cybersecurity industry, as well as the rise of targeted ransomware and wiper activity against the industrial and OT sectors.
Attacks began an average of 4.76 days after new exploits were publicly revealed: FortiGuard Labs, like the 1H 2023 Global Threat Landscape Report, wanted to understand how long it takes for a vulnerability to go from initial release to exploitation, whether flaws with a high Exploit Prediction Scoring System score are exploited faster, and whether EPSS data could be used to predict the average time-to-exploitation.
Based on this analysis, attackers increased the rate at which they exploited newly revealed vulnerabilities in the second half of 2023.
This highlights the importance of vendors committing to internally discovering vulnerabilities and implementing patches before exploitation starts.
It also emphasises the importance of vendors disclosing vulnerabilities to customers proactively and transparently in order to provide them with the information they need to successfully secure their assets before cyber attackers exploit N-day flaws.
CISOs and security teams need to be concerned about more than simply newly found vulnerabilities.
According to Fortinet telemetry, 41% of organisations discovered exploits from signatures that were less than a month old, while 98% detected N-Day vulnerabilities that had existed for at least five years.
FortiGuard Labs has also observed threat actors exploiting vulnerabilities that are more than 15 years old, emphasising the importance of upholding security hygiene and prompting organisations to act quickly through a consistent patching and updating programme, employing best practices and guidance from organisations such as the Network Resilience Coalition to improve network security overall.
44% of all ransomware and wiper samples targeted the industrial sector.
Ransomware detections decreased by 70% across all Fortinet sensors when compared to the first half of 2023.
Botnets shown amazing durability, with command and control connections ceasing on average 85 days after initial detection.
While bot traffic remained consistent with the first half of 2023, FortiGuard Labs continued to see the more prominent botnets of recent years, such as Gh0st, Mirai, and ZeroAccess, but three new botnets surfaced in the second half of 2023: AndroxGh0st, Prometei, and DarkGate.
38 of the 143 advanced persistent threat groups listed by MITRE were observed to be active during the second half of 2023.
FortiRecon, Fortinet's digital risk prevention solution, reports that 38 of the 143 Groups tracked by MITRE were active in the second half of 2023.
The most active groups included the Lazarus Group, Kimusky, APT28, APT29, Andariel, and OilRig.


This Cyber News was published on www.cysecurity.news. Publication date: Mon, 13 May 2024 15:13:08 +0000


Cyber News related to Cybercriminals Are Becoming More Proficient at Exploiting Vulnerabilities

Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
1 year ago Securityweek.com
Cybercriminals Are Becoming More Proficient at Exploiting Vulnerabilities - According to Fortinet, cybercriminals have their sights on the increasing number of new vulnerabilities triggered by the expansion of online services and applications, as well as the rapid rise in the number and variety of connected devices. It's ...
5 months ago Cysecurity.news
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
The old, not the new: Basic security issues still biggest threat to enterprises - Attacks on critical infrastructure reveal industry faux pas. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organizations opt against paying and decrypting, in favor of rebuilding their infrastructure. X-Force analysis ...
8 months ago Helpnetsecurity.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
1 year ago Securityweek.com
Misconfiguration and vulnerabilities biggest risks in cloud security: Report - The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed ...
1 year ago Csoonline.com
The Rise in Attacks Requires Specialized Expertise - Organizations today are increasingly reliant on the convenience, scalability and cost-effectiveness of migrating data and operations to the cloud. While cloud migration offers organizations significant benefits, it has also opened them up to a myriad ...
10 months ago Paloaltonetworks.com
As Digital Payments Explode in Popularity, Cybercriminals are Taking Notice - With $54 trillion in payments flowing through the world's leading transaction avenues, the payments space is truly exploding. Traditional banks are moving full speed ahead in fulfilling consumer expectations for instant and easy digital payments by ...
10 months ago Cyberdefensemagazine.com
Abnormal Security Shares Examples of Attacks Using Generative AI - Abnormal Security has published examples of cyberattacks that illustrate how cybercriminals are beginning to leverage generative artificial intelligence to launch cyberattacks. In one example, a cybercriminal posed as a customer service ...
10 months ago Securityboulevard.com
Zcaler ThreatLabz 2024 VPN Risk Report - The growing sophistication of cyberthreats alongside the expansion of remote workforces and cloud technologies have exposed significant vulnerabilities in VPNs. Due to their legacy architecture, VPNs grant overly broad network access once credentials ...
5 months ago Cybersecurity-insiders.com
Securing The Future: Cybersecurity Predictions for 2024 - When more than 6 million articles of ancestry and genetic data were breached from 23 and Me's secure database, companies were forced to confront and evaluate their own cybersecurity practices and data management. We won't be saying goodbye to ...
9 months ago Cybersecurity-insiders.com
Google Cloud Report Spotlights 2024 Cybersecurity Challenges - As the New Year dawns, a cybersecurity report from Google Cloud suggests that while there are many challenges ahead, it will also become simpler for cybersecurity teams to leverage artificial intelligence to better defend IT environments. John ...
10 months ago Securityboulevard.com
Hackers Gaining Unauthorized Access to Windows Devices Through Silver and BYOVD Exploits - Last summer, cybercriminals began using Sliver as an alternative to Cobalt Strike, using it for monitoring networks, executing commands, loading reflective DLLs, spawning sessions, and manipulating processes. Recently, attacks have been observed ...
1 year ago Heimdalsecurity.com
Rhadamanthys Stealer malware evolves with more powerful features - The developers of the Rhadamanthys information-stealing malware have recently released two major versions to add improvements and enhancements across the board, including new stealing capabilities and enhanced evasion. Rhadamanthys is a C++ ...
10 months ago Bleepingcomputer.com
Why CVEs Are an Incentives Problem - I've been thinking about some of these unintended consequences in the context of a growing problem faced by all of us in cybersecurity: how a fast-rising tide of software vulnerabilities tracked as common vulnerabilities and exposures - are reported ...
5 months ago Darkreading.com
Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation and Information Sharing - As we reflect on 2022, we've seen that malicious actors are constantly coming up with new ways to weaponize technologies at scale to cause more disruption and devastation. The dangers are showing up everywhere - and more frequently. The volume and ...
1 year ago Securityweek.com
5 Major Cybersecurity Trends to Know for 2024 - AI turbo-charges cybersecurity and cyberthreats: Artificial intelligence will boost both attackers and defenders while causing governance issues and learning pains. Attack surfaces will explode: Cyberdefense complexity will compound as API, cloud, ...
10 months ago Esecurityplanet.com
Is Generative AI about to scam us all? - While governments worry about the unrealistic prospect of artificial intelligence triggering Armageddon, generative AI tools actually present an imminent threat to their citizens. As with any technology evolution, cybercriminals are already using AI ...
8 months ago Pandasecurity.com
Strobes 2023 Pentesting Recap: Trends, Stats, and How PTaaS is Transforming Cybersecurity - This article covers some amazing statistics on what category of vulnerabilities we commonly report across 100s of customers, and how we reduce compliance times and turn around time to reporting critical vulnerabilities. In a different article, we ...
10 months ago Securityboulevard.com
Cybercriminals Hesitant About Using Generative AI - Cybercriminals are so far reluctant to use generative AI to launch attacks, according to new research by Sophos. Examining four prominent dark-web forums for discussions related to large language models, the firm found that threat actors showed ...
11 months ago Infosecurity-magazine.com
The Next Year in Cybersecurity: Quantum, Generative AI and LLMs & Passwords - While the world will always be unpredictable, several strong trends in cybersecurity point to promising and concerning developments in the months ahead. One thing's for sure: 2024 will be a very significant and interesting year. Artificial ...
8 months ago Securityboulevard.com
Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over - Takedown of malware infrastructure by law enforcement has proven to have an impact, albeit limited, on cybercriminal activity, according to threat intelligence provider Recorded Future. The Emotet takedown, led by Europol and Eurojust in 2021. The ...
9 months ago Infosecurity-magazine.com
CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
5 months ago Securityaffairs.com
Qlik Sense Vulnerabilities Exploited in Ransomware Attacks - Three vulnerabilities affecting a product of business analytics firm Qlik have likely been exploited in ransomware attacks, according to security operations firm Arctic Wolf. The cybersecurity company has reported seeing attacks that appear to ...
11 months ago Packetstormsecurity.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)