Fidelis Cybersecurity: hackers actively and successfully exploit well-studied vulnerabilities in attacks

Experts from Fidelis Cybersecurity studied the vulnerabilities that were most popular among hackers in the first quarter of 2019.

Though the value of a vulnerability falls dramatically as soon as a patch for it is published, intruders do not give up exploiting such bugs so quickly. In fact, hackers continue to use vulnerabilities for as long as they can achieve any worthwhile goals with them.

“In addition to staying current with new threat campaigns and techniques, our intelligence team feels it’s also imperative to ensure we don’t lose focus on previously identified and existing threats,” Fidelis Cybersecurity says.

According to the Fidelis Cybersecurity report, many of the most relevant threats in the first quarter of 2019 are old, well-known bugs for which patches arrived a few years ago.

So, nearly one third of all problems detected in the first quarter (exploits, vulnerabilities, malware) date from 2017 or earlier.

Over 27% of the alerts were related to exploits, vulnerabilities, or malware that came out in 2017 or earlier

For example, the most active malware families were H-W0rm (Houdini) and njRAT, two remote access Trojans (RATs) that have existed since at least 2012. Moreover, experts suggest that the developers of these “tools” work together.

Additionally, analysts calculated that about 27% of compromise attempts (more than 550 000 investigated incidents) were linked to vulnerabilities detected in 2017 or earlier.

“Threat actors and campaigns not only are able to adjust to current trends and update capabilities, but also highlights the continued focus on pre-existing vulnerabilities and recurring tactics to carry out their campaigns and activity,” Fidelis Cybersecurity emphasizes.

As a result, the top five most popular old issues look like this:

  • CVE-2017-8570 – the Composite Moniker RCE bug; an exploit is publicly available;
  • CVE-2017-0143 – a problem that involves SMBv1; the exploit was published by the ShadowBrokers group (Eternal Synergy);
  • CVE-2018-11776 – an RCE vulnerability in Apache Struts; an exploit is publicly available;
  • CVE-2017-11882 – an RCE vulnerability in Microsoft Office; an exploit is publicly available;
  • CVE-2009-3129 – an RCE vulnerability in Microsoft Excel/Word that was used in the Red October operation; an exploit is publicly available.

Source: www.fidelissecurity.com

Polina Lisovskaya

I have worked as a marketing manager for years now and love searching for interesting topics for you
