{"id":10403,"date":"2024-06-12T10:45:00","date_gmt":"2024-06-12T09:45:00","guid":{"rendered":"https:\/\/www.withsecure.com\/resources-hub\/w-labs\/mass-exploitation-the-vulnerable-edge-of-enterprise-security\/"},"modified":"2024-06-12T10:45:00","modified_gmt":"2024-06-12T09:45:00","slug":"mass-exploitation-the-vulnerable-edge-of-enterprise-security","status":"publish","type":"lab_item","link":"https:\/\/www.withsecure.com\/jp-ja\/resources-hub\/w-labs\/mass-exploitation-the-vulnerable-edge-of-enterprise-security\/","title":{"rendered":"Mass exploitation: The vulnerable edge of enterprise security"},"content":{"rendered":"\n
\n
\n

\n Mass exploitation: The vulnerable edge of enterprise security<\/span><\/h1>
\n
\n \n \n Network Security <\/span>\n <\/span>\n \n 12 6\u6708, 2024 <\/span>\n <\/div>\n <\/div>\n <\/div>\n
\n
\n

\n \u30b7\u30a7\u30a2\u3059\u308b <\/p>\n

\n \n \n
\n
\n
\n \"\" <\/figure>\n <\/div>\n <\/div>\n<\/section>\n\n\n\n
\n
\n
\n

\n Authors <\/p>\n \n

\n
\n
\n \n \n <\/path>\n <\/path>\n <\/svg>\n <\/span>\n <\/div>\n
\n

Stephen Robinson<\/h3>\n \n \n <\/div>\n\n<\/div>\n\n <\/div>\n\n <\/div>\n
\n

\n Download report <\/p>\n \n

\n
\n \n Download the report
\n
\n

\n Share this story <\/p>\n

\n \n \n
\n
\n

The cyber threat landscape in 2023 and so far 2024 has been dominated by mass exploitation. Previous WithSecure\u00a0reporting<\/a>\u00a0on the professionalization of cybercrime noted the growing importance of mass exploitation as an infection vector, but the volume and severity of this vector have now truly exploded. Several recent reports indicate that mass exploitation may have overtaken botnets as the primary vector for ransomware incidents, and there has been a rapid tempo of security incidents caused by mass exploitation of vulnerable software including, but not limited to: MOVEit, CitrixBleed, Cisco XE, Fortiguard\u2019s FortiOS, Ivanti ConnectSecure, Palo Alto\u2019s PAN-OS, Juniper\u2019s Junos, and ConnectWise ScreenConnect.<\/p>\n

There is just one thing that is required for a mass exploitation incident to occur, and that is a vulnerable edge service, meaning a piece of software that is accessible from the Internet. What many exploited edge services have in common is that they are infrastructure devices, such as Firewalls, VPN gateways, or Email gateways, which are commonly locked down black box like devices. Devices such as these are often intended to make a network more secure, yet time and again vulnerabilities have been discovered in such devices and exploited by attackers, providing a perfect foothold in a target network.<\/p>\n

This\u00a0report<\/a>\u00a0will explore the trend of mass exploitation of Edge Services and Infrastructure and will put forward several theories as to why they have been so heavily and successfully targeted by attackers.<\/p>\n<\/div>\n

\n

\n Download report <\/p>\n \n

\n
\n \n Download the report
\n
\n

\n Share this story <\/p>\n

\n \n \n
\n
\n
\n
\n

\n What next?<\/span><\/h2>
\n
\n

Discover WithSecure\u2122 Elements Exposure Management.
\n– No credit card required. No obligations.No complexity.<\/p>\n<\/div>\n <\/div>\n <\/div>\n

\n Contact us<\/a> <\/div>\n <\/div> <\/div>\n <\/div>\n<\/section>\n\n\n\n\n\n
\n
\n

\n Related Labs content<\/span><\/h2>
\n
\n
\n

Find related content relating to this topic.<\/span><\/p>\n<\/div>\n <\/div>\n <\/div>\n <\/div> \n

\n
\n
\n
\n \"\"

W\/\u30e9\u30dc<\/p>\n <\/div>\n

\n
\n
\n Attack Detection<\/span>\n Software Protection<\/span>\n Threat intelligence<\/span>\n <\/div>\n <\/div>\n

DarkGate Rises: New version of DarkGate malware hunts like a Duck but bites like a RAT<\/h3>\n

Source: https:\/\/labs.withsecure.com\/publications\/darkgate-rises<\/p>\n

\n \u3082\u3063\u3068\u8aad\u3080<\/a> <\/div>\n <\/div>\n<\/div> <\/div>\n
\n
\n
\n \"\"

W\/\u30e9\u30dc<\/p>\n <\/div>\n

\n
\n
\n Attack Detection<\/span>\n Software Protection<\/span>\n Threat intelligence<\/span>\n <\/div>\n <\/div>\n

Reverse engineering a Lumma infection<\/h3>\n

Lumma is an information stealer that the WithSecure Detection and Response Team (DRT) have encountered several times. It has seen wider use over the past couple of years, and makes for an interesting threat to monitor.<\/p>\n

\n \u3082\u3063\u3068\u8aad\u3080<\/a> <\/div>\n <\/div>\n<\/div> <\/div>\n
\n
\n
\n \"\"

W\/\u30e9\u30dc<\/p>\n <\/div>\n

\n
\n
\n AI security<\/span>\n Attack Detection<\/span>\n Software Protection<\/span>\n <\/div>\n <\/div>\n

Machine learning-driven malware analysis<\/h3>\n

With the rapid emergence of new malware variants, accurately classifying and attributing malware samples has become more challenging than ever<\/p>\n

\n \u3082\u3063\u3068\u8aad\u3080<\/a> <\/div>\n <\/div>\n<\/div> <\/div>\n <\/div>\n
\n
\n <\/div>\n
\n
\n

The cyber threat landscape in 2023 and so far 2024 has been dominated by mass exploitation.<\/p>\n","protected":false},"author":3,"featured_media":0,"template":"","categories":[345],"labs_content_type":[377],"class_list":["post-10403","lab_item","type-lab_item","status-publish","hentry","category-network-security"],"acf":[],"card":"

\n
\n \"\"

W\/\u30e9\u30dc<\/p>\n <\/div>\n

\n
\n
\n Network Security<\/span>\n <\/div>\n <\/div>\n

Mass exploitation: The vulnerable edge of enterprise security<\/h3>\n

The cyber threat landscape in 2023 and so far 2024 has been dominated by mass exploitation.<\/p>\n

\n \u3082\u3063\u3068\u8aad\u3080<\/a> <\/div>\n <\/div>\n<\/div>","_links":{"self":[{"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/lab_item\/10403","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/lab_item"}],"about":[{"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/types\/lab_item"}],"author":[{"embeddable":true,"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/users\/3"}],"wp:attachment":[{"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/media?parent=10403"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/categories?post=10403"},{"taxonomy":"labs_content_type","embeddable":true,"href":"https:\/\/www.withsecure.com\/jp-ja\/wp-json\/wp\/v2\/labs_content_type?post=10403"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}