Up to 768 vulnerabilities with the designated CVE ID has been reported as exploited in the wild in 2024, which compared to 639 CE in 2023, registering by 20% increased compared to last year.
Describing 2024 as “another banner for threats aimed at operating vulnerabilities”, Vulncheck – Note It is known that 23.6% of the well -known exploited vulnerabilities (KEV) were armed either a day or before the day when CVE was publicly disclosed.
This means a slight decrease from 26.8%2023, indicating that attempts can occur at any time in the vulnerability cycle.
“During 2024, 1% of the published Cves was reportedly used in” Wild “,” Patrick Garri said in a report that shared Hacker News. “It is expected that this number will grow because the operation is often expressed long after the CVE was published” .
The report comes in two months after the company found that 15 different Chinese hacking groups are 60 bells 15 regularly used vulnerabilities in 2023.
“Not surprisingly, Log4j Cve (Cve-2011-44228) is associated with the most threats of actors in general, overall 31 named threats related to its exploitation,” Garrit noted At the end of last year, adding that the company determined 65 245 hosts who were potentially vulnerable.
In general, approximately 400,000 systems available on the Internet are probably sensitive to attacks resulting from 15 deficiencies in Apache, Atleassian, Barracuda, Citrix, Cisco, Fortinet, Microsoft, Progress, Papercut and Zoho.
“Organizations should evaluate their impact on these technologies, increase the visibility of potential risks, use reliable threat intelligence, maintain strong patients management and implement control, for example, minimize the exposition on the Internet of these devices, where possible,” Vulnchek said.
