SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Recorded Future discloses new high-risk vulnerabilities
Tue, 19th Sep 2023

Intelligence company Recorded Future has released its CVE Monthly report, revealing that 18 of the approximately 2,400 vulnerabilities newly disclosed in August 2023 had high-risk scores, two of which are confirmed zero-day vulnerabilities affecting Microsoft and Ivanti products.

In the Recorded Future CVE Monthly August 2023 report, threat researchers have also highlighted the increased use of exploit chains, also known as vulnerability chains, by cyber criminals to enable greater success or impact of attacks on systems or devices.

Exploitation chaining was identified in recently patched vulnerabilities across Juniper Networks J-Web, where threat actors exploited four vulnerabilities to target Juniper EX switches and SRX firewalls, and enable remote code execution (RCE).

Maggie Coleman, Intelligence Analyst at Recorded Future's Insikt Group, comments, "Combining multiple vulnerabilities into a chain of attack is not a new tactic used by cyber criminals but is an evolving tactic that Singaporean organisations need to be aware of."

"Rather than focusing on basic cybersecurity hygiene and best practices, organisations should instead identify and implement the right cybersecurity playbooks, processes, and tools to proactively protect their businesses, customers, and people."

"This proactiveness can be done through the quick identification and remediation of high-impact vulnerabilities before they can be exploited by threat actors."

The Recorded Future CVE Monthly report primarily analyses the top vulnerabilities disclosed across eight major software vendors: Microsoft, Adobe, Oracle, Google, Apple, Apache, Linux and Cisco.

It includes the total number of vulnerabilities disclosed within the reporting period, the number of critical and zero-day vulnerabilities disclosed, the number of vulnerabilities actively exploited at the time of writing, and additional major trends and noteworthy vulnerabilities.

Some of the other key findings from the August 2023 report include the following:

  • Microsoft continued to be the software vendor most consistently affected by actively exploited zero-day vulnerabilities, month-to-month.
  • Microsoft patched 1 new zero-day vulnerability and released a Defence in Depth Update to fix a patch-bypass flaw affecting a vulnerability that was patched in July 2023 and previously exploited by RomCom to target guests of the July 2023 NATO Summit.
  • Ivanti warned customers about a new, critical, authentication-bypass zero-day vulnerability, tracked as CVE-2023-38035, affecting its Sentry (formerly known as MobileIron Sentry) security product.
  • CVE-2023-38035 was chained together with two previously disclosed vulnerabilities affecting Ivanti's Endpoint Manager Mobile (EPMM), tracked as CVE-2023-35078 (an authentication bypass flaw) and CVE-2023-35081 (a vulnerability that enables arbitrary file-write). CVE-2023-35078 and CVE-2023-35081 were patched in July 2023.