
Tech News

Positive Technologies: companies only have six days to install updates before cybercriminals strike


For five years running, vulnerability exploitation has ranked among the top three most popular attack methods against organizations, according to a study by Positive Technologies. In 2022–2023, attackers stole confidential data from over 2,700 companies worldwide by exploiting just one vulnerability. The study presents the results of analyzing dark web discussions and vulnerability statistics, along with issues and solutions in organizational vulnerability management.

“Over the past three years, vulnerability exploitation has increasingly attracted cybercriminals, accounting for about one-third of all successful cyberattacks: it accounted for 18% in 2019, and 32% in 2023. On average, an experimental PoC exploit appears within six days of a critical vulnerability disclosure. This PoC, often a code fragment, command list, or program, can be used to attack a vulnerable system. In as few as five days, discussions surrounding this PoC begin on dark web forums, and with them the likelihood of ready-to-use exploits being developed to be used in mass attacks increases,” notes Fedor Chunizhekov, Head of Security Analytics at Positive Technologies.

Positive Technologies has analyzed over 51 million messages across 217 dark web platforms. The most commonly mentioned vulnerabilities are those in WinRAR (CVE-2023-38831), Fortinet products (CVE-2022-40684), and the Java-based Spring Framework (CVE-2022-22965). The vulnerabilities in Linux (CVE-2022-0847) and the Microsoft Support Diagnostic Tool (CVE-2022-30190) have also been objects of hackers’ attention. Messages about remotely exploited vulnerabilities constitute 70% of discussions among cybercriminals on the dark web.

Delaying vulnerability fixes can lead to serious issues for organizations. In May 2023, a mass defacement of websites in the .ru and .рф domains occurred due to the exploitation of the CVE-2022-27228 vulnerability in the 1C-Bitrix web development and content management system. By exploiting the CVE-2023-4966 vulnerability, criminals stole data on 36 million customer accounts from the telecommunications company Xfinity, including password hashes, passwords, and answers to security questions. Ransomware groups have used a flaw in the Microsoft Windows Support Diagnostic Tool (CVE-2022-30190, also known as Follina) to conduct mass ransomware attacks. APT groups have also exploited this vulnerability in their cyberespionage campaigns. Due to the exploitation of a critical vulnerability in Progress MOVEit Transfer (CVE-2023-34362), confidential data from over 2,700 organizations worldwide was compromised.

To prevent the exploitation of vulnerabilities and the occurrence of non-tolerable events, proactive measures must be taken to protect individual services and the entire IT infrastructure. Experts recommend that organizations regularly inventory and classify their assets; prioritize assets based on their importance, as well as the severity and frequency of vulnerabilities; conduct regular security analyses of systems and applications; and monitor the dark web to identify the latest threats. Setting realistic timelines for vulnerability remediation and closely monitoring the patching process are also crucial.

For this, we recommend using modern vulnerability management systems, such as MaxPatrol VM. Using specialized tools allows you to promptly detect and eliminate dangerous vulnerabilities both on the network perimeter and within the infrastructure, with information about current vulnerabilities being delivered to MaxPatrol VM within just 12 hours. Monitoring the status of the target systems and intermediary target systems on a regular basis helps to prevent non-tolerable events associated with the exploitation of vulnerabilities in important assets.


ASBIS Middle East and Fanvil Announce Partnership to Boost Communication Solutions


ASBIS Middle East is excited to announce a strategic partnership with Fanvil. The partnership was formalized during a signing ceremony, marking a significant milestone for both companies.

The signing ceremony was attended by key executives from ASBIS Middle East and Fanvil. Hesham Tantawi, the Vice President of ASBIS Middle East, and Louis Chen, the Vice President of Fanvil, expressed that partnering is a significant step forward for both companies.

The collaboration between ASBIS Middle East and Fanvil highlights a strategic partnership that expands the availability of Fanvil’s extensive range of communication products. These include enterprise IP phones, hotel phones, intercoms, broadcast and intercom systems, healthcare devices, and cloud-based solutions. Among Fanvil’s diverse offerings, the V Pro Series stands out as a high-end yet budget-friendly option, integrating advanced features such as Bluetooth wireless handset functionality. This makes it an excellent choice for businesses seeking both affordability and high performance in their communication solutions.

The partnership aims not only to increase market presence in the Middle East but also to drive innovation, especially in sectors such as hospitality, healthcare, and enterprise communication. As the demand for advanced, cost-effective communication solutions grows, ASBIS Middle East and Fanvil are committed to delivering customized products that meet the evolving needs of their customers.

Looking to the future, ASBIS Middle East and Fanvil are committed to exploring joint initiatives that will facilitate development and strengthen competitive positions.


Why Your Cloud Security Strategy May Be Obsolete by 2025 (And What to Do About It)


By John Engates, Field CTO, Cloudflare

The uncomfortable truth facing security leaders today is stark: within 18 months, most enterprise cloud security strategies will be obsolete. This prediction isn’t hyperbole or fear-mongering – it’s the inevitable consequence of an unprecedented collision between AI-accelerated development and traditional security models.

Consider this reality: Google now generates 25% of its code through AI, and companies worldwide will follow suit. Some smaller companies are developing 100% of their code with the help of AI. Meanwhile, most security teams remain tethered to human-scale tools and processes.

The math is simple but alarming. While AI accelerates software development by orders of magnitude, security teams largely operate at human speed. Traditional security approaches, designed for human-paced development and human attackers, are rapidly becoming liabilities in an AI-driven world. This growing disparity between development velocity and security capability isn’t just unsustainable – it’s becoming actively dangerous.

The Catalysts of Change

Three seismic shifts are converging to make current cloud security strategies untenable: the industrialization of AI-powered development, the democratization of sophisticated attacks, and the dissolution of traditional security boundaries. Let’s examine how each of these forces is reshaping the security landscape.

First, AI isn’t just augmenting development—it’s industrializing it. Beyond AI-generated code, developers are experimenting with agentic, fully autonomous systems that iteratively create and modify cloud-based applications with minimal human oversight. This model means software development at machine speed and an attack surface that expands faster than traditional security tools can measure, let alone protect.

The threat landscape is evolving just as dramatically. AI is democratizing sophisticated attack capabilities once limited to nation-state actors. Autonomous malware now adapts in real time, learning from defenses and evolving to bypass them. These aren’t just faster attacks—they now operate beyond human response capabilities, making decisions at machine speed.

Critical Gaps in Current Strategies

Two glaring vulnerabilities in current security strategies are becoming impossible to ignore as AI accelerates cloud computing: an identity crisis and a data dilemma.

The Identity Crisis

Traditional identity and access management is crumbling under the weight of machine-scale operations. While we’ve mastered human identity management, we’re unprepared for a world where machine identities—from AI agents to ephemeral containers—outnumber human identities by orders of magnitude. Current identity and access management approaches, designed for stable human workforces, simply cannot handle the volume and velocity of machine-to-machine interactions in AI-driven environments.

The Data Dilemma

Our approach to data protection remains stubbornly rooted in static, location-based controls while AI drives us toward dynamic, distributed processing. Traditional data security assumed we could identify sensitive data, classify it, and control its movement. But AI-driven systems consume and transform data at unprecedented rates, creating derivative datasets that blur the lines between sensitive and non-sensitive information.

Building Future-Ready Security

The path forward requires more than incremental improvements to existing security models. We need a fundamental reimagining of security architecture that operates at machine speed and scale. This transformation rests on three essential pillars.

First: AI-Native Security Operations

Security teams must shift from being AI-assisted to AI-native. Teams must move quickly beyond using AI tools for threat detection to building security operations that are inherently powered by AI. The goal isn’t just faster response—it’s establishing a security posture that evolves as rapidly as the threats it faces.

Second: Edge-Enforced Zero Trust

Traditional perimeter security pushed traffic through centralized choke points. This model isn’t just obsolete—it’s becoming actively harmful, creating performance bottlenecks and blind spots. The future demands a distributed security model where protection moves to the edge, as close as possible to both users and workloads.

Third: Unified Security Intelligence

The final pillar addresses the fragmentation that plagues current security strategies. Organizations can no longer afford the cognitive overhead of managing dozens of disconnected security tools. We need unified platforms that provide coherent security intelligence across the entire technology stack. When security tools operate in silos, each tool becomes a potential bottleneck. A unified platform enables real-time correlation and response, allowing security to move at the speed of AI-driven threats.

The Security Transformation Imperative

The coming 18 months will lay bare a clear divide between organizations that transform their security for the AI-driven future and those that become increasingly vulnerable. The evidence is compelling. Autonomous systems are now deploying applications with minimal human oversight. Attacks are becoming more sophisticated, adapting and evolving in real-time. Traditional security approaches—designed for predictable threats and human response times—aren’t just becoming outdated. They’re becoming dangerous liabilities.

The future of security isn’t about building better walls—it’s about creating security systems that evolve as rapidly as the threats they face. The time to act is now. The future isn’t coming—it’s already here.


Samsung Galaxy S25 Series Available for Pre-Order at Jacky’s Retail in the UAE


Jacky’s Brandshop, the retailer of Samsung products in the UAE, is now offering Samsung’s latest flagship smartphone series, the Galaxy S25, S25+, and S25 Ultra, for pre-order in the UAE till 6 February 2025. Customers can secure their devices ahead of the official release by placing orders online or visiting any of Jacky’s Brandshop outlets for Samsung in Mall of the Emirates, BurJuman Centre, City Centre Deira, City Centre Al Zahia (Sharjah), and Khalidiyah Mall (Abu Dhabi).


Key Features

The Galaxy S25 series introduces advanced AI-driven features, a next-generation processor, and enhanced camera capabilities, setting a new benchmark for smartphone performance. The Snapdragon 8 Elite for Galaxy processor powers the devices, offering improved efficiency, speed, and graphics. Samsung’s AI Pro Visual Engine refines photography and video quality, ensuring enhanced image processing and real-time editing tools. The camera system has also been upgraded, with the Galaxy S25 Ultra featuring a 200MP main sensor and 100x digital zoom, while the S25+ and S25 offer a 50MP wide-angle lens along with telephoto and ultra-wide enhancements.

Exclusive Pre-Order Offers

Customers who pre-order through Jacky’s Brandshop will receive additional benefits, including a memory upgrade at no extra cost — paying for 256GB and receiving a 512GB device, or paying for 512GB and receiving a 1TB device. There is also a special discount of AED 250 for Emirates NBD cardholders, applicable both online and in-store. Those looking to complement their new devices can enjoy up to 50% off on Galaxy S25 accessories and wearables during the pre-order period.

In addition, Jacky’s Brandshop is offering EZPAY flexible payment plans that allow customers to buy now and pay at their pace, making it easier to own the latest technology. Customers can also use Level Up, a trade-in program enabling customers to exchange their old devices for the latest Galaxy S25 series model.

With Samsung continuing to push boundaries in smartphone technology, the Galaxy S25 series is expected to be one of the most anticipated releases of the year. Customers can place their pre-orders now at Jacky’s Brandshop or contact any of its retail locations across the UAE. 


Copyright © 2023 | The Integrator