ASD ACSC Issues Joint Advisory Detailing Most Commonly Exploited Vulnerabilities

Zero-day exploits are now the means threat actors most commonly use to compromise organizations, with a sharp increase in their use compared to 2022.

The Australian Cyber Security Centre (ACSC) at the Australian Signals Directorate (ASD) has joined a host of partner agencies to release a report on the most commonly exploited vulnerabilities in 2023.

The joint advisory – imaginatively named the top vulnerabilities routinely exploited in 2023 – was co-authored by agencies across the Five Eyes alliance, including the US Cybersecurity and Infrastructure Security Agency, the United Kingdom's National Cyber Security Centre and New Zealand's National Cyber Security Centre.

Besides the list of the 15 most common vulnerabilities exploited by threat actors in 2023, the most alarming observation is that the use of zero-day exploits is on the rise.

According to the advisory, in 2023, “the majority of the most frequently exploited vulnerabilities were initially exploited as zero-days, representing an increase from 2022, when less than half of the most frequently exploited vulnerabilities were exploited as zero-days.”

The agencies also found that vulnerabilities have a limited window of effectiveness, with malicious actors achieving the most success within two years of a vulnerability's disclosure. After that, affected systems and platforms tend to have been patched.

Of the most exploited vulnerabilities, the top two are CVE-2023-3519 and CVE-2023-4966, both impacting Citrix NetScaler ADC and NetScaler Gateway. Numbers three and four are CVE-2023-20198 and CVE-2023-20273, both of which impact Cisco IOS XE.

CVE-2023-27997 is number five and affects Fortinet FortiOS and FortiProxy SSL-VPN, while number six is CVE-2023-34362, which affects Progress MOVEit Transfer.

You can find the full list in the advisory.

According to James Greenwood, regional vice president of technical account management at cybersecurity firm Tanium, “it is impossible for average IT operations teams to track zero-day, and even existing, vulnerabilities without automation. Automated patching allows teams to move from reactive to proactive vulnerability management, keeping systems up to date quickly and at scale.”

Tanium’s own research found that 94% of organizations are unaware of 20% of their endpoints, illustrating the importance of real-time monitoring.

“Organizations that want to follow ACSC’s advice should deploy tools that can identify and manage endpoints in real time,” Greenwood said.

“When every moment counts, organizations can then identify affected assets in seconds so that vulnerabilities are quickly contained. This is the only way we stand a chance against zero-day exploits.”

Janine Morris, head of industry engagement and strategy at AvePoint, also noted that the ACSC advice shows the need to have appropriate data governance routines in place.

“By properly classifying, controlling access to critical data and eliminating content that is no longer needed, organizations can limit exposure and prevent unauthorized access in the event of a breach,” Morris said.

“Strong governance ensures that sensitive data remains protected, even when vulnerabilities are exploited.”
