Cyber-assaults predominantly stem from ransomware and email takeovers
A recent report from Palo Alto Networks' Unit 42 finds that known, unpatched software vulnerabilities continue to pose a significant threat to organizations worldwide. The study, covering the 12 months leading up to April 2022, analysed 600 incidents and found that in nearly half of the cases where threat actors deployed ransomware, initial access came through software vulnerabilities.
The report also highlighted the growing challenge posed by zero-day attacks, but found that nearly nine out of ten exploited vulnerabilities were not zero-days. The study identified CVEs for SonicWall, ProxyLogon, Zoho ManageEngine ADSelfService Plus, and Fortinet as among the top exploited vulnerabilities.
Interestingly, the report showed that ProxyShell accounted for more than half of all exploited vulnerabilities, with Log4j following closely behind. The trio of initial access vectors - phishing, known software vulnerabilities, and brute-force credential attacks - collectively accounted for over 77% of all suspected root causes for intrusions.
Ransomware and business email compromise (BEC) accounted for more than two-thirds of all cyberattacks during the past 12 months, according to the report. BEC is a type of cyberattack where threat actors gain unauthorised access to business email accounts to defraud companies out of money.
The persistent exploitation of known and unpatched vulnerabilities underscores the impact of a chronic vulnerability-patch cycle on organizations and cybersecurity professionals. Threat actors are known to scan the internet at scale for weak points, further exacerbating the outsized threat posed by software vulnerabilities. In fact, it was found that attackers often scan for vulnerabilities in unpatched systems within 15 minutes of a CVE being published.
The six most frequently exploited CVE categories by cyber attackers, according to the report, are: Web Applications, Network Devices, Microsoft Windows, Adobe Products, Databases, and Open Source Software. These findings underscore the importance of regular software updates and patch management for organizations to protect themselves against cyber threats.
In conclusion, the report serves as a stark reminder of the importance of prioritising cybersecurity and the need for organizations to stay vigilant against known software vulnerabilities. As the digital landscape continues to evolve, it is crucial for organizations to adapt and strengthen their defences to ensure the security of their networks and data.