Threat Monitor Annual Report 2023

Exploiting vulnerabilities is a proven point of entry for threat actors. In this section we highlight critical vulnerabilities published during 2023 and give readers insight into the dynamics of the vulnerability landscape.

According to NIST, a total of 29,065 vulnerabilities were disclosed in 2023, compared to 25,083 in 2022, an increase of 3,982 in a year. As the corporate world settles into a hybrid and remote working environment, the top three MITRE techniques exploited are exploitation of remote services, exploitation of public-facing applications and exploitation for privilege escalation. Of the disclosed vulnerabilities, less than 1% were continually exploited in the wild, according to Qualys. With the increase in remote work and AI seen this year, 3 in 4 security professionals also believe that the cyber risk to organisations has increased. Supply chain security is also high on the agenda for organisations, with 8 in 10 saying there is an ever-increasing dependency on the good security posture of those in their supply chains, according to SoSafe.

Managed File Transfer (MFT) platforms are a way for organisations to securely share files and data with other parties. They are usually more secure than other methods, including the File Transfer Protocol (FTP) and email. They are also usually hosted in the cloud, so they are scalable and efficient. Organisations use these platforms to share a variety of documentation, including contracts for new hires, suppliers and clients. These platforms therefore have a vast array of data traversing them and could be seen as valuable to malicious actors. The vulnerabilities disclosed in 2023 showed exactly this: data-sharing platforms, including the MFT platforms GoAnywhere and MOVEit and the print management solution PaperCut NG, featured in the Qualys top exploited vulnerabilities with CVE-2023-0669, CVE-2023-34362 and CVE-2023-27350 respectively.

Furthermore, the top ten exploited vulnerabilities of 2023 were all from that year apart from CVE-2022-41328, a Fortinet FortiOS vulnerability from a previous year that is still heavily exploited in the wild and sits at number 3 in the list. In addition, SentinelOne continue to see Fortinet FortiOS & FortiProxy (CVE-2018-13379), Microsoft Exchange Server (CVE-2021-34473, CVE-2021-31207, CVE-2021-34523) and Atlassian Confluence Server & Data Center (CVE-2021-26084, CVE-2022-26134), among other historic vulnerabilities, being routinely abused throughout 2023. This shows that organisations are not implementing sufficient mitigation or remediation efforts to secure their digital estate from historic vulnerabilities, and it shows the importance of an effective patch management programme to mitigate this threat.

2023 saw the rise of Artificial Intelligence (AI) and Machine Learning (ML), with OpenAI’s ChatGPT becoming widely adopted in the mainstream. This presents a variety of opportunities and challenges for both malicious actors and defenders of digital estates. The UK’s National Cyber Security Centre (NCSC) believes the technology has great potential but needs to be built on secure foundations. Its fast rise has created a new vulnerability in the form of adversarial attacks. The NCSC says there are several methods for this attack, including data poisoning. AI also presents an opportunity to get ahead of vulnerabilities before they are found, because AI can spot insecure coding practices. However, AI can also be used maliciously to develop better phishing and malware capabilities.
