Fidelis Cybersecurity: hackers actively and successfully use investigated vulnerabilities in attacks

Experts from Fidelis Cybersecurity studied the vulnerabilities that were most popular among hackers in the first quarter of 2019.

Though the value of vulnerabilities falls dramatically immediately after patches for them are published, attackers do not give up exploiting the bugs so quickly. In fact, hackers continue to use the vulnerabilities for as long as they can reach any worthwhile targets with their help.

“In addition to staying current with new threat campaigns and techniques, our intelligence team feels it’s also imperative to ensure we don’t lose focus on previously identified and existing threats,” Fidelis Cybersecurity states.

According to the Fidelis Cybersecurity report, many of the most current threats in the first quarter of 2019 are old, well-known bugs whose patches arrived a few years ago.

Thus, nearly one third of all problems detected in the first quarter (exploits, vulnerabilities, malware) date from 2017 and earlier.

Figure (TRT telemetry): About 27% of the alerts were related to exploits, vulnerabilities, or malware that came out in 2017 or earlier.

For example, the most active malware families were H-W0rm (Houdini) and njRAT, two remote access Trojans (RATs) that have existed since at least 2012. In addition, experts suggest that the developers of these “tools” work together.

In addition, analysts calculated that about 27% of compromise attempts (more than 550,000 investigated incidents) were linked to vulnerabilities detected in 2017 and earlier.

“Threat actors and campaigns not only are able to adjust to current trends and update capabilities, but also highlights the continued focus on pre-existing vulnerabilities and recurring tactics to carry out their campaigns and activity,” Fidelis Cybersecurity emphasizes.

As a result, the top 5 most popular old issues look like this:

  • CVE-2017-8570: Composite Moniker RCE bug, exploit is publicly available;
  • CVE-2017-0143: a problem involving SMBv1, exploit (Eternal Synergy) was published by the ShadowBrokers group;
  • CVE-2018-11776: RCE vulnerability in Apache Struts, exploit is publicly available;
  • CVE-2017-11882: RCE vulnerability in Microsoft Office, exploit is publicly available;
  • CVE-2009-3129: RCE vulnerability in Microsoft Excel/Word, used in the Red October operation, exploit is publicly available.

