{"id":92454,"date":"2023-06-08T10:15:00","date_gmt":"2023-06-08T10:15:00","guid":{"rendered":"https:\/\/cloudnewshub.com\/?p=92454"},"modified":"2023-06-08T10:15:00","modified_gmt":"2023-06-08T10:15:00","slug":"vulnerability-exploitation-volumes-up-over-50-in-2022","status":"publish","type":"post","link":"https:\/\/cloudnewshub.com\/?p=92454","title":{"rendered":"Vulnerability exploitation volumes up over 50% in 2022"},"content":{"rendered":"<div><img decoding=\"async\" src=\"http:\/\/cloudnewshub.com\/wp-content\/uploads\/2023\/06\/vulnerability-exploitation-volumes-up-over-50-in-2022.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p>Driven by significant cyber security disclosures affecting supply chain dependencies, such as <a href=\"https:\/\/www.computerweekly.com\/news\/252512071\/Top-three-questions-about-the-Log4j-vulnerability\">Log4j<\/a> and <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/malware-exploited-critical-realtek-sdk-bug-in-millions-of-attacks\/\">Realtek<\/a>, threat actors have vastly increased their use of vulnerabilities as a means to work their way inside their victims\u2019 systems, with vulnerability exploitation attempts per customer up by 55% year on year (YoY) over the course of 2022, according to data compiled by <a href=\"https:\/\/www.paloaltonetworks.com\/unit42\">Palo Alto Networks\u2019 Unit 42<\/a> threat intelligence experts.<\/p>\n<p>Presented in the latest edition of its <i><a href=\"https:\/\/start.paloaltonetworks.com\/unit-42-network-threat-trends-report-malware-2023.html\">Network threat trends research report<\/a>, <\/i>Unit 42\u2019s data was drawn from across its parent\u2019s portfolio of network monitoring and cloud products and services, including its <a href=\"https:\/\/www.techtarget.com\/searchsecurity\/definition\/next-generation-firewall-NGFW\">next-generation firewalls<\/a>, <a 
href=\"https:\/\/www.techtarget.com\/searchsecurity\/news\/365535780\/Secureworks-CEO-weighs-in-on-XDR-landscape-AI-concerns\">extended detection and response<\/a> (XDR), and <a href=\"https:\/\/www.computerweekly.com\/news\/365535496\/Enterprise-networking-sees-age-of-SASE-and-network-as-a-service\">secure access service edge<\/a> (SASE) offerings, as well as external feeds and sample exchanges among its peers in the industry.<\/p>\n<p>Unit 42\u2019s research team described a race between suppliers and threat actors to uncover and seal off new avenues of exploitation, which is creating a process of \u201cconstant churn\u201d and piling pressure on end-user security teams.<\/p>\n<p>Their findings tally with elements of Verizon\u2019s annual <i><a href=\"https:\/\/www.computerweekly.com\/news\/366539293\/Cyber-spotlight-falls-on-boardroom-privilege-as-incidents-soar\">Data breach investigations report<\/a><\/i> (DBIR), which was also released this week, revealing that Log4j may potentially be the most exploited vulnerability in history.<\/p>\n<p>\u201cAttackers are using both vulnerabilities that are already disclosed and ones that are not yet disclosed \u2013 aka exploiting zero-day vulnerabilities,\u201d the research team wrote. \u201cWe continue to find that vulnerabilities using <a href=\"https:\/\/www.techtarget.com\/searchwindowsserver\/definition\/remote-code-execution-RCE\">remote code execution<\/a> (RCE) techniques are being widely exploited, even ones that are several years old.<\/p>\n<p>\u201cWhile using old vulnerabilities might seem counterproductive, they still have significant value to attackers. In some cases, vulnerabilities discovered years ago have not been patched. This could be either because the company failed to fix the issue, or they didn\u2019t provide the patch in a way that customers could easily find. 
In other cases, the product could lack a patch because the product is at the end of its supported lifespan.\u201d<\/p>\n<p>However, they argued, the weight of responsibility for fixing this problem should not just fall on the security supplier community \u2013 end-user organisations must have appropriate processes in place for remediating vulnerabilities safely and quickly, paying particular attention to acquiring, testing and applying patches, but also accounting for issues that might not immediately spring to mind, such as the network bandwidth needed to rush a patch out across a large enterprise\u2019s entire IT estate.<\/p>\n<p>Others also lack awareness of available patches, and are effectively rendering old, well-known vulnerabilities \u2013 into which category Log4j must soon fall, if it has not done so already \u2013 as dangerous as a newly discovered zero-day.<\/p>\n<p>\u201cThreat actors know these problems exist, and they continue to try these old vulnerabilities because they\u2019re counting on organisations to fail at some point in the process of applying patches,\u201d they said.<\/p>\n<section class=\"section main-article-chapter\" data-menu-title=\"The rise of ChatGPT\">\n<h3 class=\"section-title\"><i class=\"icon\" data-icon=\"1\"><\/i>The rise of ChatGPT<\/h3>\n<p>The full report contains insight into a great many security trends, but perhaps among the most notable statistics are a 910% increase in monthly registrations for domains related to <a href=\"https:\/\/www.techtarget.com\/whatis\/definition\/ChatGPT\">OpenAI\u2019s ChatGPT<\/a> tool, and a 17,818% increase in attempts to mimic ChatGPT through domain squatting.<\/p>\n<p>While these increases are of course starting from a base of zero given ChatGPT was only launched in 2022, they nonetheless <a href=\"https:\/\/www.computerweekly.com\/news\/365532535\/NCSC-warns-over-AI-language-models-but-rejects-cyber-alarmism\">highlight some of the more realistic risks<\/a> of tools driven by artificial 
intelligence (AI). Whereas much has been written about how ChatGPT may be able to create malicious activity, Unit 42\u2019s team said that they had not seen any noticeable rise in attributable, real-world activity in this regard.<\/p>\n<p>However, they said, many more traditional techniques are attempting to take advantage of AI, and it is this that is leading to a boom in <a href=\"https:\/\/www.computerweekly.com\/news\/366536532\/Government-anti-fraud-strategy-targets-the-tech-behind-the-scams\">fraud attempts and scams<\/a>.<\/p>\n<p>\u201cThe speed with which scammers used traditional techniques to profit off the AI trend underscores that organisations need to exercise caution around internet activity and software that are getting attention in popular culture,\u201d the team wrote.<\/p>\n<p>\u201cAt the same time, it remains possible that threat actors could find ways to take advantage of the unique technological capabilities of AI. For the time being, the main way that organisations can prepare for this possibility is to continue to employ defence-in-depth best practices. 
Security controls that defend against traditional attacks will be an important first line of defence against any developing AI-related attacks going forward,\u201d they said.<\/p>\n<\/section>\n","protected":false},"excerpt":{"rendered":"<p>Driven by significant cyber security disclosures affecting supply chain dependencies, such as Log4j and Realtek, threat actors have vastly increased their use of vulnerabilities as a means to work their way inside their victims\u2019 systems, with vulnerability exploitation attempts per customer up by 55% year on year (YoY) over the course of 2022, according to [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":92455,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[533],"tags":[],"class_list":["post-92454","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it"],"_links":{"self":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/92454","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=92454"}],"version-history":[{"count":0,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/posts\/92454\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=\/wp\/v2\/media\/92455"}],"wp:attachment":[{"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=92454"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=92454"
},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudnewshub.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=92454"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}