WithSecure’s Post

Helsinki, Finland – June 12, 2024: The cyber threat landscape in 2023 and 2024 has been dominated by mass exploitation. A previous WithSecure report on the professionalization of cybercrime noted the growing importance of mass exploitation as an infection vector, but the volume and severity of this vector have now truly exploded.   The number of edge service and infrastructure Common Vulnerabilities and Exposures (CVEs) added to the Known Exploited Vulnerability Catalogue (KEV) per month in 2024 is 22% higher than in 2023, while the number of other CVEs added to the KEV per month has dropped 56% compared to 2023.

Edge services such as MOVEit, Exchange, Zimbra, ManageEngine Servicedesk, etc and Infrastructure appliances such as Ivanti ConnectSecure, Cisco ASAs, Citrix ADC, Fortiguard VPN gatewayss, PaloAlto GlobalConnect VPN gateways, etc have more severe CVEs, and they are being exploited at a growing rate compared to non-edge, non-infrastructure CVEs. That’s in short what WithSecure ‘s threat intel analyst Stephen Robinson found out in a broad analysis. #threatintelligence #research #exposuremanagement

I've got a new report out today! I couldn't believe just how many waves of mass exploitation there were this year which were targeting what should have been secure devices. I wanted to know if this was a new trend in cyber activity, or simply a trend in reporting of cyber activity, so I put my analysis hat on and dug into the numbers to see if I could prove it. Turns out that yes, based on available data there has been an increase in the number and severity of exploited edge services and infrastructure appliances in 2024. Check out the report for more specific conclusions and examples.

🔬New research!🔬 Tap into the numbers our W/Intelligence team discovered in their latest research document. It shines a light on the trend of mass exploitation of edge services and infrastructre. The team have also put forward a number of theories as to why both have been heavily and successfully targeted by attackers. 🔗Read the full report here: https://lnkd.in/dAwiDgdn #ExposureManagement #XM #Research

🔬Have you checked out our mass exploitation research?🔬 Tap into the numbers our incredible W/Intelligence team discovered in their latest research document. It shines a light on the trend of mass exploitation of edge services and infrastructure. The team have also put forward a number of theories as to why they have been heavily and successfully targeted by attackers. 🔗Read the full report here: https://lnkd.in/dAwiDgdn

Thoughtful paper. A couple of observations -- tactical, battlefield intelligence collection, analysis and use is significantly different from strategic intelligence. And, the massive role of 'open source' intelligence today inserts a new challenge into the analytical equation--vetting the accuracy of the ingested data.

The strength of the integrity and resiliency of our real-time intelligence is critical for the decision advantage.

I am really happy to share the translated publication of the paper I wrote with Guillaume Garnier for Ifri - Institut français des relations internationales about the so-called “transparency” of the battlefield. To summarize the main idea of this study, here is a quote of Robert Leonhard in his book The Principles of War for the Information Age that inspired some of the conclusions : «  Some have written that surprise will be unachievable on the modern battlefield. The argument says that with information technology, competing forces will be able to see each other to well to allow any surprise. This is completely false. The 21st century will see the principle of surprise come to its fullest potential. Information warfare will see a constant battle between stealth and data fusion, between knowledge and ignorance, and between truth and deception. Surprise […] will be fundamental to Information Age warfare. »

Protecting Quantum Science and Technology Foreign adversaries are increasingly targeting a wide range of U.S. quantum companies, universities, and government labs. When new technologies are the product of American ideas and research, it's the FBI's and our security partner agencies' job to protect them. Today, adversarial nation-states are aggressively attempting to obtain a strategic advantage over the U.S. by stealing U.S. technologies and research know-how to help bolster their respective government's policies that violate international norms—including respect for rule of law, fair trade, and full scientific research collaborative reciprocity—while damaging U.S. economic competitiveness and harming U.S. national and economic security. The National Counterintelligence Task Force's (NCITF) Quantum Information Science Counterintelligence Protection Team (QISCPT) unites the FBI with our intelligence and security partners to protect quantum information science and technology developed in the U.S. and like-minded nations. Members of the quantum ecosystem, composed of industry, academia, national labs, investors and end users, best understand the future implications of their research and development efforts. "Quantum information science and technology has the potential for enormous positive humanitarian impact, but its implications for our economic and national security are consequential as well," said FBI Deputy Director Paul Abbate. "The Quantum Information Science Counterintelligence Protection Team leverages partnerships across government, academia, and private industry to protect progress in this field and thwart nation-state and other adversaries' efforts to steal innovations. The QISCPT is working within the interagency framework of the National Counterintelligence Task Force to ensure that the U.S. and like-minded nations do not lose momentum in the successful development of quantum technology." #MavenScouts #Quantum #Protection #RiskManagement #NationalSecurity #Bold #Vigilant #Innovative

Well done, short piece on risks of technology diffusion via proxy forces. We see in multiple domains: using a capability risks its exposure, understanding, and use by an adversary. Does the reward of first use outweigh the potential disadvantage in the future?