Microsoft warns of rise of hackers exploiting publicly disclosed vulnerabilities

Share post:

According to a new Microsoft study, nation-state groups are becoming a more dangerous threat as they increasingly target critical infrastructures and rapidly exploit zero-day vulnerabilities. Moreover, these nation-state and criminal actors are increasingly exploiting publicly disclosed zero-day vulnerabilities to violate target environments.

It also said that it has “observed a reduction in the time between the announcement of a vulnerability and the commoditization of that vulnerability,” which makes it imperative that organizations patch such exploits on time.

In addition, Microsoft discovered that these actors “have begun to use innovation in automation, cloud infrastructure, and remote access technologies to attack a broader set of targets.” More advanced spoofing methodologies, a shift to targeting the IT services supply chain, and improved tactics to exploit zero-day vulnerabilities before they are publicly disclosed and patched, are part of this strategy.

It points out that, on average, it takes only 14 days for a malicious code to be available to the public after a bug becomes public, and that zero-day attacks, while initially strictly limited, are quickly adopted by other threat actors, leading to uncontrolled probing events before patches are installed.

And some of the vulnerabilities that were first exploited by Chinese actors before being picked up by other hostile groups include: CVE-2021-35211, CVE-2021-40539, CVE-2021-44077, CVE-2021-42321, and CVE-2022-26134.

The sources for this piece include an article in TheHackerNews.

SUBSCRIBE NOW

Related articles

HP Settles Lawsuit Over Blocking Third-Party Ink With Printer Updates

HP has agreed to settle a class-action lawsuit accusing the company of disabling printers that used third-party ink...

Intel’s contract manufacturing hits setback with quality issues

Intel’s contract manufacturing business has encountered a major setback after silicon wafers produced for Broadcom failed to meet...

Dell has another major round of layoffs

Dell has initiated another round of layoffs, affecting a significant number of employees, including long-term company veterans. HR...

Intel to lay off Over 15,000 employees in major cost-cutting move

Intel has announced a significant downsizing of its workforce, laying off over 15,000 employees as part of a...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways