CyberScoop reports that most of the impactful cyberattacks last year stemmed from the targeting of vulnerable edge devices.
Threat actors behind last year's most consequential intrusions primarily exploited the Ivanti flaws tracked as CVE-2023-46805 and CVE-2024-21887; the Palo Alto Networks PAN-OS bugs tracked as CVE-2024-0012, CVE-2024-3400, and CVE-2024-9474; and the Fortinet FortiManager vulnerability tracked as CVE-2024-47575, according to a report from Darktrace.
"If they can get through cybersecurity companies then they're bypassing the exact detection that companies have provided customers. You're kind of getting underneath the specific thing that's supposed to be detecting you, and getting access that way," said Darktrace Vice President of Threat Research Nathaniel Jones.
Intrusions exploiting internet-exposed devices were predominant during the first six months of 2024, as threat actors looked to leverage living-off-the-land techniques and achieve lateral movement across networks. During the last six months of the year, attackers moved to mostly deploying information-stealing malware.