Cybercriminals took advantage of vulnerabilities in the MOVEit software, stealing the data of up to 100 million people. This attack was one of the most serious security problems in 2023 and made it possible to extort a ransom of up to $100 million. In 2024, the number of vulnerabilities in edge services increased by 22%. compared to 2023

Software vulnerabilities published in the KEV catalog by CISA were responsible for 14 percent. security breaches last year, an increase of 180%. Every year. The average time from detecting a vulnerability to patching it is 175 days. Devices at the edge of the network, constantly connected to the Internet, are difficult to monitor and often do not have EDR installed.

In 2023, cybercriminals attacked 12 Norwegian state institutions by exploiting vulnerabilities in the Ivanti Endpoint Manager Mobile software. CISA also warned of attacks on Ivanti Connect Secure and Policy Secure Gateways. Additionally, other European government entities have fallen victim to attacks by Russian-sponsored hackers who exploited weaknesses in the RoundCube software.

Source: crn.pl