“The recent additions to the known exploited vulnerabilities (KEV) catalogue from the Cybersecurity and Infrastructure Security Agency (CISA) includes multiple flaws in the Linux kernel as well as other vulnerabilities dating back over 12 years ago. While the specific details surrounding how these flaws are being exploited, whether recently or in the past, are unknown, it highlights a trend where cybercriminals find success in targeting known vulnerabilities, particularly those with publicly available exploit code, as noted in our 2022 Threat Landscape Report.
“With unpatched assets persisting across organisations, cybercriminals don’t need to find, develop or procure zero day vulnerabilities, providing them with cost savings, especially when it’s so easy to find public proof-of-concept exploit code for a variety of vulnerabilities. With Log4Shell, a critical flaw in the Log4j 2 logging library, we observed ransomware groups and nation state threat actors aligned with the People’s Republic of China and Iran’s Islamic Revolutionary Guard Corps (IRGC) targeting a piece of open source software used across a number of applications, highlighting the challenges introduced through the use of open source libraries and software and the supply chain risks posed as a result.
“Now more than ever, it is vital for organisations to gain visibility across their attack surface in order to gain the context necessary to reduce their cyber risk.” – Satnam Narang, Sr. Staff Research Engineer, Tenable.