Cyber-criminals continue to use very old vulnerabilities to hack enterprises

News by Rene Millman

Organisations must do more to patch out-of-date systems to protect against hackers, report finds. Hackers are still using very old vulnerabilities to carry out attacks against companies, according to a new report.

The Web-based Threat – 2018 Q2 report, published by Palo Alto, found that very old vulnerabilities are still useful to hackers.

Among them was CVE-2009-0075, a nine-and-a-half-year-old Microsoft Internet Explorer 7 vulnerability. Researchers said that this was in the company’s top five list last quarter and is number four this quarter.

Another flaw, CVE-2008-4844, a nine-and-a-half-year-old vulnerability affecting Microsoft Internet Explorer 5, 6 and 7, is number five this quarter, according to the report.

"In the realm of vulnerabilities, we see remarkable consistency, with a nearly identical roster of vulnerabilities under attack in this quarter as last quarter. The only notable addition to this roster is a vulnerability known to be used in zero-day attacks," said the researchers in their report.

The report also found that the US was the number one source for the Grandsoft, Sundown and Rig exploit kits and the number two source for KaiXin, making it the number one source for exploit kits globally. "In fact, the US accounted for more than twice the number of Exploit Kits globally as the number two, Russia," said researchers.

The researchers said that organisations should focus on ensuring Microsoft Windows and Adobe Flash and Reader are fully up to date with the latest versions and security updates.

"In addition, organisations should look at using limited privilege user accounts to limit the damage of malware. Finally, protections against malicious URLs and domains and using endpoint security to prevent malware like exploit kits can all help," they added.

Matt Middleton-Leal, general manager, EMEA at Netwrix, told SC Media UK that malware often relies on poor patching, and poor configuration of systems.

"Organisations in all industries must be able to accurately report on their risk exposure based on these two vectors. This must include understanding where data is stored and applying the appropriate access controls," he said.

"End-user training is always required, however organisations must also ensure they are prepared to deal with inevitable human error – an employee clicking on a malicious link in a moment of distraction, being an all too common example."

Ilia Kolochenko, CEO of High-Tech Bridge, told SC Media UK that one probable reason for the predominance of US-hosted phishing and malicious websites is the country's well-developed infrastructure. "You can pay for a domain, web hosting or SSL certificate in just a few clicks with a credit card, PayPal and even cryptocurrencies. Attackers need such rapidity, flexibility and simplicity," he said.

He added that the very first step in mitigating vulnerabilities is to build a comprehensive and up-to-date inventory of digital assets: hardware, software, clouds, data and users.

"It may be challenging in the epoch of hybrid clouds and BYOA, however it remains crucial for a sustainable cyber-security strategy. Once you have visibility of your assets, you will be able to properly assess the risks, assign priorities and allocate resources to maintain them up to date, secured and monitored."
