• It's official FBI, CISA, and NSA reveal the most exploited vulne

    From TechnologyDaily@1337:1/100 to All on Thursday, November 14, 2024 00:00:06
    It's official FBI, CISA, and NSA reveal the most exploited vulnerabilities
    of 2023

    Date:
    Wed, 13 Nov 2024 23:55:00 +0000

    Description:
    These were most exploited vulnerabilities this year, security agenices reveal.

    FULL STORY ======================================================================Five Eyes alliance has revealed the most exploited vulnerabilities of 2023
    Zero-day exploits were the primary concern, with CVE-2023-3519 was at the top of the list Businesses urged to patch as soon as possible to stay safe

    The Five Eyes intelligence alliance has revealed the most routinely exploited vulnerabilities for 2023. The joint advisory, made with contributions from agencies in the US, UK, Australia, New Zealand, and Canada, has called for organizations to patch the security flaws to mitigate network exposure.

    The agencies confirmed what many in the industry will know all too well, that threat actors focus their attacks on zero-day attacks, with 12 out of the top 15 exploited vulnerabilities initially exploited as a zero-day.

    In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets, the advisory warned . Injections and escalations

    The top vulnerability for 2023 was CVE-2023-3519, a code injection in NetScaler ADC/Gateway using Citrix as the vendor, which was the tactic used
    in critical infrastructure attacks in the US last year, and had a severity rating of 9.8, making it a critical flaw.

    Another high severity flaw in the top three, CVE-2023-20198, was one that Cisco issued a patch for in October 2023, which allowed attackers to create accounts on affected devices with privileged access, gaining full control
    over the device.

    The agencies, as always, strongly encouraged end-user organizations to continually update software and applications, implement a robust patch management process, and perform regular secure systems backups to ensure your company stays safe against cyberattacks.

    Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability," the advisory warned,

    The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities. You might also like Take a look at our pick of the best antivirus removal software Five Eyes alliance seizes control of
    extensive spy tech network used by China Check out our choices for best ransomware protection tools around



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/its-official-fbi-cisa-and-nsa-reveal-th e-most-exploited-vulnerabilities-of-2023


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)