2023 Top Routinely Exploited Vulnerabilities | Threat SnapShot скачать в хорошем качестве

2023 Top Routinely Exploited Vulnerabilities | Threat SnapShot

On November 12, 2024, a joint cybersecurity advisory was released by agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom. This advisory highlights the **top routinely exploited vulnerabilities of 2023**, offering insights into persistent threats and the measures organizations can take to protect themselves. In this video, we break down key findings from the report, including: Vulnerabilities exploited across multiple years, such as *CVE-2021-44228 (Log4j)* and **CVE-2020-1472 (Netlogon)**. How *EDR solutions* play a critical role in detecting zero-day exploits. Detailed detections and hunting strategies for vulnerabilities like **CVE-2023-23397 (Outlook EoP)**. We also explore how malicious actors continue leveraging older vulnerabilities, demonstrating the importance of patching and robust detection strategies. With practical detections ranging from Sigma rules to Splunk queries, this video provides actionable insights for defenders. ✅ Subscribe to SnapAttack for more in-depth analyses and real-world applications of cybersecurity defenses. 📢 Have questions or topics you’d like us to cover? Drop a comment below! 👋 Follow us:   / snapattack     / snapattackhq     / ajkingio     / ajkingio   SnapAttack Resources: https://app.snapattack.com/collection... - Collection: 2023 Top Routinely Exploited Vulnerabilities https://app.snapattack.com/collection... - Collection: CVE-2020-1472 https://app.snapattack.com/intelligen... - Intelligence: CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub https://app.snapattack.com/intelligen... - Intelligence: RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks https://app.snapattack.com/threat/500... - Threat: Zerologon Remote Domain Controller Privilege Escalation https://app.snapattack.com/detection/... - Detection: Zerologon sets machine account password to Empty String https://app.snapattack.com/collection... - Collection: CVE-2021-44228 https://app.snapattack.com/threat/475... - Threat: Log4j/CVE-2021-44228 - Exploiting Tomcat Servlet with GET, POST, and User-Agent Strings https://app.snapattack.com/detection/... - Detection: Unknown Process Using The Kerberos Protocol https://app.snapattack.com/detection/... - Detection: Suspicious Process By Web Server Process https://app.snapattack.com/detection/... - Detection: Suspicious PowerShell Encoded Command Patterns https://app.snapattack.com/detection/... - Detection: Shell Process Spawned by Java.EXE https://app.snapattack.com/threat/ab8... - Threat: Persistence via Microsoft Outlook Elevation of Privilege Vulnerability (CVE-2023-23397) https://app.snapattack.com/detection/... - Detection: CVE-2023-23397 via Registry References: https://www.cisa.gov/sites/default/fi...