Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Ethical Hackers

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

admin by admin
November 6, 2022
in Ethical Hackers


Microsoft is warning of an uptick among nation-state and criminal actors increasingly leveraging publicly-disclosed zero-day vulnerabilities for breaching target environments.

The tech giant, in its 114-page Digital Defense Report, said it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” making it imperative that organizations patch such exploits in a timely manner.

This also corroborates with an April 2022 advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), which found that bad actors are “aggressively” targeting newly disclosed software bugs against broad targets globally.

CyberSecurity

Microsoft noted that it only takes 14 days on average for an exploit to be available in the wild after public disclosure of a flaw, stating that while zero-day attacks are initially limited in scope, they tend to be swiftly adopted by other threat actors, leading to indiscriminate probing events before the patches are installed.

It further accused Chinese state-sponsored groups of being “particularly proficient” at discovering and developing zero-day exploits.

0-Day Vulnerabilities

This has been compounded by the fact that the Cyberspace Administration of China (CAC) enacted a new vulnerability reporting regulation in September 2021 that requires security flaws to be reported to the government prior to them being shared with the product developers.

Redmond further said the law could enable government-backed elements to stockpile and weaponize the reported bugs, resulting in the increased use of zero-days for espionage activities designed to advance China’s economic and military interests.

state-sponsored hackers

Some of the vulnerabilities that were first exploited by Chinese actors before being picked up other adversarial groups include –

  • CVE-2021-35211 (CVSS score: 10.0) – A remote code execution flaw in SolarWinds Serv-U Managed File Transfer Server and Serv-U Secure FTP software that was exploited by DEV-0322.
  • CVE-2021-40539 (CVSS score: 9.8) – An authentication bypass flaw in Zoho ManageEngine ADSelfService Plus that was exploited by DEV-0322 (TiltedTemple).
  • CVE-2021-44077 (CVSS score: 9.8) – An unauthenticated remote code execution flaw in Zoho ManageEngine ServiceDesk Plus that was exploited by DEV-0322 (TiltedTemple).
  • CVE-2021-42321 (CVSS score: 8.8) – A remote code execution flaw in Microsoft Exchange Server that was exploited three days after it was revealed during the Tianfu Cup hacking contest on October 16-17, 2021.
  • CVE-2022-26134 (CVSS score: 9.8) – An Object-Graph Navigation Language (OGNL) injection flaw in Atlassian Confluence that’s likely to have been leveraged by a China-affiliated actor against an unnamed U.S. entity days before the flaw’s disclosure on June 2.

The findings also come almost a month after CISA released a list of top vulnerabilities weaponized by China-based actors since 2020 to steal intellectual property and develop access into sensitive networks.

“Zero-day vulnerabilities are a particularly effective means for initial exploitation and, once publicly exposed, vulnerabilities can be rapidly reused by other nation state and criminal actors,” the company said.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

Hash-Cracker – A Small Util To Brute-Force Prefetch Hashes

Next Post

How to watch Mushoku Tensai from anywhere

Next Post

How to watch Mushoku Tensai from anywhere

Recommended

Shellcode Loader, Developed Using Different Open-Source Libraries, That Demonstrates Different Execution Techniques

3 months ago

What is Pegasus malware and how can I avoid it?

3 months ago

© Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.