February ’23 saw 709 advisories reported, the third-highest number of advisories since the Secunia Research Team started in 2002 (#1: July ’20, #2: April ’20).
Important conclusions from this month's report are:
February is the 3rd month in a row to show an increase in advisories, zero-days, and threats.
More than 61.35% of all advisories cover vulnerabilities that can be attacked "From remote". "From remote" describes vulnerabilities where the attack vector requires neither access to the system nor a local network. This category covers services that are acceptable to expose to the Internet (for example, HTTP, HTTPS, SMTP), client applications used on the Internet, and certain vulnerabilities where it is reasonable to assume that a security-conscious user can be tricked into performing certain actions.
The Secunia Research Team reported 5 Extremely Critical advisories this month (4 last month).
Over 1,233 CVEs (last month: 1,590) were covered in the 709 advisories.
Threat Intelligence indicates that more Moderately Critical Vulnerabilities are targeted by hackers.
More than half of all advisories are disclosed by 4 vendors (SUSE 17%, Ubuntu 15%, Red Hat 12%, Amazon 11%)
F5 and Cisco contribute more than 50% of all networking-related advisories.
Last month we reported that 66.45% of all Secunia Advisories had a threat (exploits, malware, ransomware, etc.) associated with them; this month the number is higher, at 74.19%.
Using Threat Intelligence helps you prioritize what needs to be patched immediately.
Software Vulnerability and Patch Management is becoming more and more important. Due to the ongoing Russia-Ukraine conflict, attacks on critical infrastructure in many countries are increasing. Back in 2019 (just before Covid), patching was recommended within 30 days (or 14 days for a CVSS score of 7 or higher).
Right now, hackers can deploy exploits within 1 week and even within 24 hours. This means that organizations need to prioritize even better in order to patch vulnerabilities quickly (especially the ones with threats associated with them).
Notable information this month:
Feb. 22: VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product, tracked as CVE-2023-20858.
Feb. 15: A zero-day vulnerability has been reported in WebKitGTK, which can be exploited by malicious people to compromise a vulnerable system (CVE-2023-23529).
Feb. 14: Microsoft released security updates to address 75 vulnerabilities. These were reported by Secunia Research in 8 advisories, all of them zero-day and with the highest threat score of 99.
Feb. 13: Apple rolled out security updates for iOS, iPadOS, macOS, and Safari to address a zero-day flaw that it said has been actively exploited in the wild, tracked as CVE-2023-23529.
CISA added 14 vulnerabilities to the KEV (Known Exploited Vulnerabilities) list