Imminent Zero-Day Attacks

Uploaded on 2024-11-15 in NEWS-Cybersecurity News, FREE TO VIEW

Britain and its international allies have recently issued an alert showing an increase in cyber attackers initially exploiting previously unknown vulnerabilities to compromise enterprise networks. The National Cyber Security Centre (NCSC), a part of GCHQ, alongside partners in Australia, Canada, New Zealand and the United States, has shared a list of the top 15 routinely exploited vulnerabilities of 2023.

Of these vulnerabilities, the majority were first exploited as zero-days, weaknesses that were recently discovered and where a fix or patch was not immediately available from the vendor, allowing attackers to conduct cyber operations against higher-priority targets.

This trend, which the NCSC has continued to observe into 2024, marks a shift from 2022 when less than half of the top list was initially exploited as zero-day vulnerabilities.

The advisory strongly encourages enterprise network defenders to maintain vigilance with their vulnerability management processes, including applying all security updates in a timely manner and ensuring they have identified all assets in their estates.

It also calls on technology vendors and developers to follow advice on implementing secure-by-design principles into their products to help reduce the risk of vulnerabilities being introduced at source and being exploited later.
Ollie Whitehouse, NCSC Chief Technology Officer, said “More routine initial exploitation of zero-day vulnerabilities represents the new normal which should concern end-user organisations and vendors alike as malicious actors seek to infiltrate networks.  

“To reduce the risk of compromise, it is vital all organisations stay on the front foot by applying patches promptly and insisting upon secure-by-design products in the technology marketplace...

“We urge network defenders to be vigilant with vulnerability management, have situational awareness in operations and call on product developers to make security a core component of product design and life-cycle to help stamp out this insidious game of whack-a-mole at source”. All vulnerabilities listed have had patches and fixes made available from the vendors to help mitigate the risk of compromise. 

In the case of zero-day vulnerabilities, where exploitation is rife it is vital organisations have a process in place to install vendor updates at pace after they become available to minimise the opportunity for attackers.

In addition to the top list, the advisory also details a further 32 vulnerabilities that were routinely exploited in 2023.
If mitigation steps have not already been taken, network defenders should follow vendor advice in each case and check for indicators of compromise before applying updates.

NCSC   |   NCSC   |    CISA 

Image: 

You Might Also Read: 

Is The British Government Doing Enough To Combat Cyberattacks Against Critical Infrastructure?:

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« Managing API Sprawl: The Growing Risk Of Shadow APIs & How To Mitigate It
Musk Sues Microsoft Over OpenAI »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Datiphy

Datiphy

Datiphy's data-centric security platform uses behavioral analytics, and data-centric auditing and protection capabilities to mitigate risk.

Global Forum on Cyber Expertise (GFCE)

Global Forum on Cyber Expertise (GFCE)

GFCE is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.

DocAuthority

DocAuthority

DocAuthority automatically discovers and accurately identifies unprotected, sensitive documents, enabling a broad yet business-friendly security policy.

NRI Secure Technologies

NRI Secure Technologies

NRI SecureTechnologies is a Cybersecurity group company of the Nomura Research Institute (NRI) and a global provider of next-generation Managed Security Services and Security Consulting.

Bio-Morphis

Bio-Morphis

Bio-Morphis Reflex solution is a paradigm shift in the approach to information systems security.

GlobalPass

GlobalPass

Covering 200+ countries with 78 000 databases, GlobalPass provides sophisticated facial biometrics verification and deep screening, delivering peace of mind to every client.

CYSEC SA

CYSEC SA

Cysec is equipped to deliver agile security solutions for the most challenging IT infrastructures around the world.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

Industrial Defender

Industrial Defender

Committed to ICS Cybersecurity. Industrial Defender provides a fully automated solution to discover, track and report on assets across your ICS footprint.

Techmentum

Techmentum

At Techmentum, our mission is to utilize technology to help companies succeed. Our expertise includes fully managed IT services, cybersecurity, cloud, and custom technology solutions.

Zeron

Zeron

Zeron build bridges between security teams and top management. Our platform unifies your cyber risk posture seamlessly, encompassing threat insights and quantifiable risk scenarios.

SecureDNE

SecureDNE

SecureDNE are a leading provider of cutting-edge Fractional CISO, Managed Cybersecurity Services, and Cybersecurity Engineering Solutions.

SolidityScan

SolidityScan

SolidityScan is an advanced smart contract scanning tool designed to uncover vulnerabilities and proactively address risks within your code.

US Insider Risk Management Center of Excellence (US-InRM)

US Insider Risk Management Center of Excellence (US-InRM)

The US-InRM Center of Excellence is a nonprofit organization dedicated to promoting private, public, and academic partnerships to foster knowledge sharing and resources to mitigate insider risk.

Price Forbes

Price Forbes

Building on more than 100 years of specialist insurance broking, Price Forbes partner with clients around the world who are looking to understand and balance today’s risk and plan for the future.

Prequel

Prequel

Prequel is your real-time problem detection and resolution platform, powered by the global reliability community.