Imminent Zero-Day Attacks

Uploaded on 2024-11-15 in NEWS-Cybersecurity News, FREE TO VIEW

Britain and its international allies have recently issued an alert showing an increase in cyber attackers initially exploiting previously unknown vulnerabilities to compromise enterprise networks. The National Cyber Security Centre (NCSC), a part of GCHQ, alongside partners in Australia, Canada, New Zealand and the United States, has shared a list of the top 15 routinely exploited vulnerabilities of 2023.

Of these vulnerabilities, the majority were first exploited as zero-days, weaknesses that were recently discovered and where a fix or patch was not immediately available from the vendor, allowing attackers to conduct cyber operations against higher-priority targets.

This trend, which the NCSC has continued to observe into 2024, marks a shift from 2022 when less than half of the top list was initially exploited as zero-day vulnerabilities.

The advisory strongly encourages enterprise network defenders to maintain vigilance with their vulnerability management processes, including applying all security updates in a timely manner and ensuring they have identified all assets in their estates.

It also calls on technology vendors and developers to follow advice on implementing secure-by-design principles into their products to help reduce the risk of vulnerabilities being introduced at source and being exploited later.
Ollie Whitehouse, NCSC Chief Technology Officer, said “More routine initial exploitation of zero-day vulnerabilities represents the new normal which should concern end-user organisations and vendors alike as malicious actors seek to infiltrate networks.  

“To reduce the risk of compromise, it is vital all organisations stay on the front foot by applying patches promptly and insisting upon secure-by-design products in the technology marketplace...

“We urge network defenders to be vigilant with vulnerability management, have situational awareness in operations and call on product developers to make security a core component of product design and life-cycle to help stamp out this insidious game of whack-a-mole at source”. All vulnerabilities listed have had patches and fixes made available from the vendors to help mitigate the risk of compromise. 

In the case of zero-day vulnerabilities, where exploitation is rife it is vital organisations have a process in place to install vendor updates at pace after they become available to minimise the opportunity for attackers.

In addition to the top list, the advisory also details a further 32 vulnerabilities that were routinely exploited in 2023.
If mitigation steps have not already been taken, network defenders should follow vendor advice in each case and check for indicators of compromise before applying updates.

NCSC   |   NCSC   |    CISA 

Image: 

You Might Also Read: 

Is The British Government Doing Enough To Combat Cyberattacks Against Critical Infrastructure?:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Managing API Sprawl: The Growing Risk Of Shadow APIs & How To Mitigate It
Musk Sues Microsoft Over OpenAI »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Qualys

Qualys

Qualys is a pioneer and leading provider of cloud security and compliance solutions.

CyberDefcon

CyberDefcon

CyberDefcon is an independent organization dedicated to the pursuit of making the internet a safer place.

Cyber DriveWare

Cyber DriveWare

DriveWare analyzes new traffic in the I/O layer and blocks malware and cyber attacks which organizations have no means to protect against.

Chainalysis

Chainalysis

Chainalysis provides blockchain analysis software to prevent, detect and investigate cryptocurrency money laundering, fraud and compliance violations.

ESL Bangladesh

ESL Bangladesh

ESL is the Largest IT Infrastructure & Telecom Service Provider in Bangladesh.

SYSGO

SYSGO

SYSGO is the leading European provider of real-time operating systems for critical embedded applications in the Internet of Things (IoT).

IdentityIQ

IdentityIQ

IdentityIQ is a US-based identity theft and credit protection company designed to help users stay on top identity thieves and data breaches.

SOC Experts

SOC Experts

SOC Experts is a pioneer (we started SOC training well before people realized how big the domain was going to be) and the only institution to provide end-to-end training on Security Operations Centers

Kyndryl

Kyndryl

Kyndryl has a comprehensive portfolio that leverages hybrid cloud solutions, business resiliency, and network services to help optimize your IT workloads and transformations.

Cyber Security Works (CSW)

Cyber Security Works (CSW)

Cyber Security Works is your organization’s early cybersecurity warning system to help prevent attacks before they happen.

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startups Association is an umbrella organization that aims to promote, support and represent the interests of tech startups in Romania.

iManage

iManage

iManage's intelligent, cloud-enabled, secure knowledge work platform enables organizations to uncover and activate the knowledge that exists inside their business.

Laneden

Laneden

Laneden specialise in helping organisations identify security concerns and quantify the risks you may have across your assets, using Penetration Testing, Threat Simulation and Compliance Testing.

National Cyber Security Agency (NCSA) - Thailand

National Cyber Security Agency (NCSA) - Thailand

National Cyber Security Agency of Thailand is responsible for coordinating and implementing national cybersecurity policies, strategies, and initiatives.

Contextal

Contextal

Contextal develops cutting-edge open-source cybersecurity solutions, designed to connect the dots and detect complex threats, which slip through the existing protections.

Proton

Proton

Proton provides free encrypted email, calendar, drive, password manager, and VPN services. Building a better Internet.