HomeSecurity ArchitectureFortinet research shows cybercriminals exploiting new industry vulnerabilities 43% faster than in...

Fortinet research shows cybercriminals exploiting new industry vulnerabilities 43% faster than in the first half of 2023

Published on

spot_img

FortiGuard Labs released its 2H 2023 Global Threat Landscape Report, shedding light on the urgent need for vendors to prioritize vulnerability disclosure best practices and for organizations to enhance their cyber hygiene and patch management protocols. Derek Manky, the chief security strategist and global vice president of threat intelligence at FortiGuard Labs, emphasized the alarming rate at which threat actors are exploiting newly disclosed vulnerabilities. With over 26,447 vulnerabilities identified across more than 2,000 vendors in 2023, as reported by the National Institute of Standards and Technology (NIST), the importance of robust security scrutiny in all stages of product development cannot be understated.

According to Glenn Maiden, the director of threat intelligence at FortiGuard Labs, Australia and New Zealand, the escalating speed at which cyber vulnerabilities are being exploited poses a significant concern in the cybersecurity landscape. The report highlighted that attacks are initiated, on average, within 4.76 days after a vulnerability is disclosed, underscoring the shrinking window for organizational responses. Maiden stressed the need for a multi-layered approach that integrates prompt patching with advanced detection and response systems to mitigate risks effectively.

The report emphasized the necessity for a multi-faceted defense strategy that encompasses cloud, network, and endpoint security, all integrated into a streamlined operations center to reduce business risk exposure. Additionally, the rise of ‘living off the land’ (LOLT) tactics among attackers necessitates stringent monitoring, role-based access controls, multifactor authentication, and regular audits of security practices to counter sophisticated cyber threats effectively.

As cyber threats continue to evolve, the role of Security Operations Centers (SOCs) becomes increasingly critical. Proactive measures, such as comprehensive training programs and regular exercises, are essential to empower employees to respond swiftly and accurately to potential threats. Maiden highlighted the importance of clear guidance, defined roles, and responsibilities, as well as scenario rehearsals to enhance preparedness and response efficiency during security incidents.

Fortinet®, a global leader in cybersecurity, introduced the 2H 2023 Global Threat Landscape Report to provide insights into the evolving threat landscape and trends observed from July to December 2023. The report showcased alarming statistics, including the average time-to-exploitation after new exploits are disclosed, the existence of unpatched N-Day vulnerabilities spanning over 15 years, and the targeted ransomware activities aimed at the industrial and operational technology sectors.

One key revelation from the report indicated that less than 9% of all known endpoint vulnerabilities were targeted by attacks, underscoring the significance of prioritizing remediation efforts. Furthermore, the report highlighted the resilience of botnets, with an average of 85 days before ceasing command and control communications post-detection. The rise of advanced persistent threat (APT) groups, ransomware activities, and the emergence of new botnets were also notable findings from the report.

The report also delved into the discourse among threat actors on dark web forums, identifying prevalent targets across various industries, data breach incidents, discussed vulnerabilities, and advertised payment cards for sale. The findings underscored the pervasive nature of cyber threats and the imperative for organizations to bolster their cybersecurity posture through collaboration, transparency, and accountability.

In conclusion, the fight against cybercrime necessitates a collective effort from organizations, government entities, CERTs, and academia to enhance cyber resilience globally. Fortinet advocates for continuous technology innovation, collaboration across diverse industries, and active engagement in working groups dedicated to combatting cyber threats. By fostering a culture of collaboration and leveraging cutting-edge technologies, the cybersecurity community can effectively counter evolving cyber threats and safeguard digital ecosystems.

Source link

Latest articles

ClickFix and Removable Media: Key Malware Delivery Methods

Cybersecurity Trends: The Rise of ClickFix and USB-Based Attacks In the ever-evolving landscape of cybersecurity,...

Ransomware Negotiator Sentenced to 70 Months in Prison for Supporting BlackCat Attacks

Former Ransomware Negotiator Sentenced for Betrayal and Extortion In a significant legal development, a 41-year-old...

New Ransomware Uses Malicious Driver to Bypass Security Protections

Emerging Threat: GodDamn Ransomware Leverages Microsoft-Signed Drivers for Enhanced Evasion Tactics The landscape of ransomware...

Addressing Synthetic Media Challenges to Preserve Trust

The Rising Threat of Synthetic Media: Insights from VerifyLabs.AI Synthetic media, particularly in the form...

More like this

ClickFix and Removable Media: Key Malware Delivery Methods

Cybersecurity Trends: The Rise of ClickFix and USB-Based Attacks In the ever-evolving landscape of cybersecurity,...

Ransomware Negotiator Sentenced to 70 Months in Prison for Supporting BlackCat Attacks

Former Ransomware Negotiator Sentenced for Betrayal and Extortion In a significant legal development, a 41-year-old...

New Ransomware Uses Malicious Driver to Bypass Security Protections

Emerging Threat: GodDamn Ransomware Leverages Microsoft-Signed Drivers for Enhanced Evasion Tactics The landscape of ransomware...