Zero-Day Exploits: Remote Access Vulnerabilities Are Now Hackers’ Top Target

Cybercriminals and state-sponsored actors made the exploitation of widely used remote access software, such as Ivanti Secure Connect, PAN-OS, and Microsoft SmartScreen, a key focus. The trend underscores the growing sophistication and persistence of cyber threats and poses a significant risk to organizations across various industries.

Malware and vulnerability exploitation increased significantly in the first half of 2024. Infostealer malware dominated the threat landscape, while Magecart attacks targeting e-commerce platforms saw a substantial 103% rise.

Cyberattacks in the first half of 2024 became more sophisticated, with attackers exploiting newly discovered vulnerabilities and using advanced techniques to evade detection. This highlights the increasing threat posed by cybercriminals and the need for organizations to implement robust cybersecurity measures to protect their systems and data.

Cybercriminals and state-sponsored groups exploited zero-day vulnerabilities in remote access and security solutions. Despite available patches, these vulnerabilities remained attractive due to ease of exploitation and publicly available proof-of-concept exploit code. 

Popular targets included Ivanti Secure Connect, PAN-OS, and Microsoft Windows SmartScreen. Exploitation of these vulnerabilities continued even after patches were released, resulting in significant security risks.

The top five vulnerabilities by cyberattack and cyber exploitation

Infostealers emerged as the dominant malware category in the first half of 2024, with LummaC2 taking the lead as the most active infostealer. It is designed to stealthily harvest sensitive information, such as credit card details and login credentials, which is subsequently sold on underground forums for financial gain.

The increasing prevalence of infostealers poses a significant threat to both businesses and individuals, as they can lead to substantial financial losses and identity theft.

Ransomware groups like Fog, RansomHub, and 3AM have evolved their tactics to become more sophisticated and evade detection. By using passwords to validate payload execution, they prevent security tools from analyzing the malicious code. 

This technique, combined with the use of malware loaders like GuLoader and Remcos, creates complex attack chains that are harder to detect and block. It highlights the ongoing threat posed by ransomware and the need for continuous adaptation in security measures.

Magecart attacks, which inject malicious code into e-commerce platforms to steal customer data, experienced a 103% increase in the first half of 2024. The rise was primarily due to vulnerabilities in popular platforms like Adobe Commerce and the emergence of new e-skimming tools like “Sniffer by Fleras.”

The top ten malware families

The growing popularity of online shopping has made these attacks more lucrative for cybercriminals, emphasizing the urgent need for enhanced security measures on e-commerce websites to protect both businesses and consumers from data breaches.

To protect organizations from evolving threats, prioritize patch management, implement heuristic and behavior-based detection systems, educate employees on security best practices, and strengthen e-commerce security by auditing third-party integrations, enforcing Content Security Policies (CSPs), and conducting regular vulnerability scans.
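As an added illustration of the CSP and third-party audit advice above (not code from Recorded Future or the original article), this JavaScript sketch reviews a checkout page's `script-src` policy and inventories its external scripts. The header, markup, and `.example` hosts are constructed sample input, and source matching is simplified to exact hosts and origins.

```javascript
// Added example: sample header, markup and .example hosts are constructed.
const SAMPLE_CSP = "default-src 'self'; script-src 'self' 'unsafe-inline' https://pay.example";
const SAMPLE_HTML = `
<script src="/js/cart.js"></script>
<script src="https://pay.example/sdk.js" integrity="sha384-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="https://cdn-analytics.example/t.js"></script>`;
const ORIGIN = 'https://shop.example';

// Parse a Content-Security-Policy value into { directive: [sources] }; first occurrence wins.
function parseCsp(header) {
  const policy = {};
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().split(/\s+/);
    const key = name.toLowerCase();
    if (key && !(key in policy)) policy[key] = sources;
  }
  return policy;
}

// Flag script-src settings that would let an injected skimmer execute.
function auditScriptSrc(policy) {
  const src = policy['script-src'] || policy['default-src'];
  if (!src) return ['no script-src or default-src: scripts may load from anywhere'];
  const findings = [];
  // Browsers ignore 'unsafe-inline' when a nonce or hash source is present.
  const pinned = src.some((s) => /^'(nonce-|sha(256|384|512)-)/.test(s));
  if (src.includes("'unsafe-inline'") && !pinned) findings.push("'unsafe-inline' permits injected inline scripts");
  if (src.includes("'unsafe-eval'")) findings.push("'unsafe-eval' permits eval of injected strings");
  for (const s of src) if (/^(\*|https?:|data:)$/.test(s)) findings.push(`overly broad source ${s}`);
  return findings;
}

// Inventory third-party <script src> tags: allowlisted by the policy? SRI set?
// Simplification: only exact host or origin sources are matched (no wildcards, paths).
function auditScripts(html, policy, pageOrigin) {
  const allowed = policy['script-src'] || policy['default-src'] || [];
  const results = [];
  for (const tag of html.matchAll(/<script\b([^>]*)>/gi)) {
    const src = /\ssrc\s*=\s*["']([^"']+)["']/i.exec(tag[1]);
    if (!src) continue; // inline script, covered by auditScriptSrc
    const url = new URL(src[1], pageOrigin);
    if (url.origin === pageOrigin) continue; // first-party
    results.push({ host: url.host, allowedByCsp: allowed.some((s) => s === url.origin || s === url.host),
      hasIntegrity: /\sintegrity\s*=/i.test(tag[1]) });
  }
  return results;
}
const policy = parseCsp(SAMPLE_CSP);
console.log(auditScriptSrc(policy), auditScripts(SAMPLE_HTML, policy, ORIGIN));
```

On the sample input, the policy is flagged for `'unsafe-inline'`, and the analytics script is reported as neither allowlisted nor pinned with Subresource Integrity.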

According to Recorded Future, cybercriminals are predicted to exploit recently discovered vulnerabilities in popular enterprise software, targeting remote access tools and next-generation firewalls. 

The prevalence of infostealers will continue as demand for stolen credentials persists on underground markets, while Magecart attacks will remain a significant threat, with attackers exploring new e-skimming techniques.

Kaaviya
Kaaviya is a Security Editor and fellow reporter with Cyber Press. She is covering various cyber security incidents happening in the Cyber Space.