Tag Archive for: Surge

Rise of Zero-Day Vulnerabilities: Enterprise Software Now a Prime Target for Hackers With 64% YoY Surge


In the fast-paced world of cybersecurity, “zero-day” vulnerabilities loom as a formidable challenge for tech giants investing billions in enhancing user experiences. These vulnerabilities are mostly software flaws that developers fail to detect, leaving no immediate patches or fixes available to protect against potential exploitation. According to a recent report from Google’s Threat Analysis Group, the year 2023 witnessed a significant rise in the exploitation of zero-day vulnerabilities.

To be precise, the exploitation of zero-day vulnerabilities increased by a notable 56.5% YoY, from 62 in 2022 to 97 in 2023. However, this number fell short of the record set in 2021, when 106 zero-day vulnerabilities were observed being exploited.

The surge in vulnerability exploitation suggests that hackers are becoming more aggressive and adept at discovering and using vulnerabilities to launch cyberattacks.

As these vulnerabilities are exploited, Commercial Surveillance Vendors (CSVs) emerge as key players in the cyber threat ecosystem. In 2023, CSVs were responsible for 75% of known zero-day exploits targeting Google products and Android ecosystem devices, comprising 13 out of 17 vulnerabilities. These CSVs specialize in selling spyware capabilities to government clients for surveillance activities.

Out of the 37 zero-day vulnerabilities exploited in browsers and mobile devices in 2023, more than 60% were attributed to Commercial Surveillance Vendors (CSVs).

Attackers have also increased their efforts to exploit vulnerabilities within third-party components and libraries. This strategy was chosen because exploiting these vulnerabilities could potentially impact multiple products simultaneously.

Threat actors across various motivations actively sought out vulnerabilities in products or components that offered broad access to multiple targets, reflecting a scalable and effective approach to launching attacks.

It is important to note that there was a whopping 64% YoY increase in the number of vulnerabilities targeted by hackers in enterprise-specific technologies during 2023. This trend was further evidenced by the widening range of enterprise vendors targeted since at least 2019,…


Israel Saw 43% Surge In Cyber Attacks From Iran, Hezbollah In 2023


Israel saw a 43% surge in cyber assaults originating from Iran and Hezbollah in the last year, a recent report from Israel’s National Cyber Directorate has revealed.

The annual publication highlights a significant escalation in cyber warfare tactics during the period from the October 7 invasion by Iran-backed Hamas to the end of 2023.

According to the report, Israel encountered a 2.5-fold increase in cyber intrusions compared to previous years, with a total of 3,380 attacks documented during the specified timeframe. Notably, 800 of the attacks were deemed to possess “significant potential for damage” by the National Cyber Directorate.

“The war brought with it an increase in cyber attacks that intensified gradually, shifting from a focus on information theft to disruptive and damaging attacks,” the report stated. It said the attacks’ aims ranged from simply spreading public discord to more sophisticated endeavors designed to disrupt essential organizations and influential companies within supply chains.

The Directorate underscored the targeting of hospitals as central objectives, attacks aimed at undermining the war effort and intelligence gathering, and a burgeoning collaboration between Iran and Hezbollah in executing cyber operations.

Throughout 2023, the Directorate registered a total of 13,040 verified cyber attack reports, representing a 43% surge compared to the preceding year. Notably, 68% of these reports coincided with the Gaza conflict.

Of the reported attacks, 41% targeted social networks, 25% were phishing attempts, and 13% exploited vulnerabilities in computer systems. The remaining assaults comprised malware attacks, disruptions to operational continuity, and communication disruptions.

The report also emphasized the prevalent use of compromised login data and phishing techniques by attackers, underscoring the need for heightened vigilance and enhanced cybersecurity measures across critical sectors.


Google reports a significant surge in zero-day vulnerabilities in 2023


A new report released today by Google LLC’s Threat Analysis Group and Google-owned Mandiant warns that zero-day exploits have become more common amid a rise in nation-state hackers.

The report, “We’re All in this Together: A Year in Review of Zero-Days Exploited In-the-Wild in 2023,” detailed 97 zero-day vulnerabilities observed by Google in 2023, up from 62 in 2022 but down from 106 in 2021. Zero-day attacks exploit a previously unknown vulnerability in software before developers have had the opportunity to fix it.

Of the 97 zero-days tracked in 2023, 36 targeted enterprise-focused technologies, such as security software and devices, while the remaining 61 affected end-user platforms and products, such as mobile devices, operating systems, browsers and other applications.

Adversary exploitation of enterprise-specific technologies jumped 64% over the previous year, with Google also seeing a general increase in the number of enterprise vendors targeted since 2019. Attackers were seen to be shifting to third-party components and libraries in 2023, as zero-day vulnerabilities in both were found to be a prime attack surface.

Commercial surveillance vendors — companies that develop and sell tools and software designed for monitoring and gathering intelligence, often used by governments — were found to be behind 75% of known zero-day exploits targeting Google products and Android ecosystem devices in 2023. CSVs were also found to be behind 60% of the 37 zero-day vulnerabilities in browsers and mobile devices exploited in 2023.

The report alleges that China was the lead source of government-backed exploitation, claiming that Chinese cyber espionage groups exploited 12 zero-day vulnerabilities in 2023, up from seven in 2022.

Another finding in the report was surprising: The Google researchers found that exploitation associated with financially motivated actors proportionally decreased in 2023, with financially motivated actors found to account for only 10 zero-day exploits last year. Threat group FIN11 was found to be behind three of them.

“Exploiting zero-days is no longer a niche capability,” the report notes. “The proliferation of exploit technology…


FS-ISAC: Ransomware drives surge in cyberattacks in 2023


Cybersecurity threats in the Asia-Pacific (APAC) region surged by 15% in 2023, with ransomware attacks as the top driver for the increase, according to the latest report released by the Financial Services Information Sharing and Analysis Center (FS-ISAC). 

The findings, drawn from FS-ISAC’s network of member financial firms from 75 countries, underscore the growing sophistication of cyber threats faced by businesses. Ransomware attacks continue to wreak havoc, ranking as the fourth most common threat to the financial sector in the APAC region.

Based on FS-ISAC’s data, there was an average of 1,963 attacks per week, and organizations in the region found themselves increasingly targeted by cybercriminals in 2023. The report, titled “Navigating Cyber 2024,” warns that this pattern is expected to persist in 2024, aligning with global trends in cybercrime.

“Each year, a new set of threats comes to light, requiring the financial services sector’s mitigation strategies to advance at an equal if not faster pace than threat actors’ tactics,” said Steven Silberstein, CEO of FS-ISAC.

Emerging threats

The report highlighted the evolving tactics, techniques, and procedures (TTPs) employed by threat actors, including social engineering, SEO poisoning, malvertising, and QR code phishing. The use of generative artificial intelligence (GenAI) by cybercriminals is also identified as a growing concern, enabling scale and automation in attacks while posing challenges for defense mechanisms.

The emerging threats that pose challenges to the financial sector’s cybersecurity posture include heightened geopolitical hacktivism, new extortion tactics in response to global regulations, challenges posed by quantum computing and AI advancements, and vulnerabilities in the supply chain.

“As we look ahead to a critical year marked by emerging technology and heightened geopolitical tensions, the best way to maintain the integrity, security, and trust of the sector is through global…
