768 weaknesses with the designated CVE identifiers were reported as exploitation in Wild in 2024, 2023 recorded an increase of 20% above 639 CVES, 20% year-on-year.
Describing 2024 as another banner year for the danger actors of the danger actors who targeted the exploitation of weaknesses, “Vulnachec said that 23.6% known exploited weaknesses (KV) were either known for being armed or Before the day his cves were publicly disclosed.
This is a slight decrease from 26.8%of 2023, indicating that exploitation efforts can occur at any time in the life cycle of vulnerability.
“During 2024, 1% of the published cves was publicly reported as exploitation in the wild,” Vulkchek’s Patrick Garty said in a report shared with hackers news. “This number is expected to increase because exploitation is often discovered after a CVE is published.”
Two months after the company’s disclosure, it has been reported that 15 separate Chinese hacking groups have been linked to misuse of at least one of the top 15 in 2023 out of a total of 60 designated danger actors. .
Not surprisingly, Log4j Cve (CVE-2021-44228) is associated with the most danger actors with the most dangerous actors, associated with its exploitation with 31 nominated danger actors, “Garyweight said later last year , The company has potentially identified 65,245 hosts.
In all, approximately 400,000 internet-solid systems are susceptible to the exploitation of 15 security deficiencies in Apache, Atlasian, Barakuda, Citrix, Cisco, Fortinet, Microsoft, Progress, Paper, and Zoho products.
“Organizations should evaluate their risk for these technologies, increase visibility in potential risks, take advantage of strong danger intelligence information, maintain strong patch management practices, and wherever possible, internet of these devices -The reducing faced exposure should apply control control. “
