Market Research
BeyondTrust Releases 2024 Microsoft Vulnerabilities Report
BeyondTrust, the worldwide leader in intelligent identity and access security, has announced the release of the 2024 Microsoft Vulnerabilities Report. Produced annually by BeyondTrust, this report analyzes data from security bulletins publicly issued by Microsoft throughout the previous year and provides valuable information to help organizations understand, identify, and address the risks within their Microsoft ecosystems.
Each Microsoft Security Bulletin is comprised of one or more vulnerabilities, which apply to one or more Microsoft products. Microsoft typically groups vulnerabilities into these main categories: Remote Code Execution (RCE), Elevation of Privilege (EoP), Information Disclosure, Denial of Service (DDoS), Spoofing, Tampering, and Security Feature Bypass. This year’s edition of the report also assesses how vulnerabilities are being leveraged in identity-based attacks, spotlighting some of the most significant CVEs of 2023 (9.0+ CVSS severity scores).
Total and critical vulnerabilities demonstrated some of the most consistent data, year over year, since this report’s debut, a strong indicator that overall long-term security efforts are paying off. This may also reflect that attackers are increasingly re-focusing their efforts on exploiting identities, rather than Microsoft software vulnerabilities.
- After hitting an all-time high in 2022, total vulnerabilities continue their 4-year holding pattern near their highest-ever numbers in 2023, remaining between 1,200 and 1,300 (since 2020).
- Elevation of Privilege vulnerability category continues to dominate, accounting for 40% (490) of the total vulnerabilities in 2023.
- Denial of Service vulnerabilities climbed 51% to hit a record high of 109 in 2023, with Spoofing demonstrating a dramatic 190% increase, from 31 to 90.
- The total number of critical vulnerabilities continues its downward trend, but slows its descent, dropping by 6% to 84 in 2023 (5 less than in 2022).
- After Microsoft Azure & Dynamics 365 vulnerabilities skyrocketed in 2022, they almost halved in 2023 – down from 114 to 63.
- Microsoft Edge experienced 249 vulnerabilities in 2023, only one of which was critical.
- There were 522 Windows vulnerabilities in 2023, 55 of which were critical.
- Microsoft Office experienced 62 vulnerabilities in 2023.
- Windows Server category had 558 vulnerabilities in 2023, 57 of which were critical.
“This report continues to highlight the need to keep improving security, not only at Microsoft but also for all organizations who are looking to better manage cyber risks in the context of an evolving threat landscape,” said James Maude, Director of Research at BeyondTrust. “This year’s report was a prime illustration of the modern identity threat landscape. The continued domination of Elevation of Privilege as the most common category of vulnerability, and the identity crisis highlighted at the end of the report, underscore the importance of privilege and the timeless security concept of least privilege. It also emboldens BeyondTrust’s mission to provide the broadest level of visibility and protection of paths to privilege.”
Despite overall stability in the Microsoft vulnerabilities data, the report’s analysis of critical vulnerabilities and innovative threat tactics predict now is not the time to get complacent:
- Vulnerabilities and unpatched systems will continue to provide threat actors with a means of attack.
- Expanding Microsoft technologies will continue to introduce new attack surfaces.
- Novel vulnerabilities will continue to emerge as threat actors uncover innovative pathways through Microsoft’s systems.
- Investments in research and security practices will continue to shift the way threat actors gain their foothold, as it becomes easier to steal an identity to gain access than to exploit a vulnerability.
Despite predicting an increase in the volume and sophistication of identity-based attacks, this year’s report shows once again that long-standing, foundational security principles like least privilege will continue to offer the best line of defence—even against modern threats—and that the organisations that successfully pair preventative security controls with threat detection and response will continue to be much better poised to withstand tomorrow’s threats.
Cyber Security
UAE and Saudi Arabia Face Unprecedented 70% Rise in Threats: Positive Technologies
Positive Technologies experts have unveiled comprehensive research on the shadow market of cybercriminal services targeting the Gulf countries. The UAE and Saudi Arabian organizations remain in the crosshairs of cybercriminals, and over half of all posts on darknet forums are about selling data and access to local companies’ infrastructures. Researchers have highlighted a sharp increase in the free distribution of such data on the dark web, along with a surge in reports of DDoS attacks targeting the public sector and other industries. One in five ads analyzed was related to buying or selling access, with two-thirds available for under $1,000.
According to the research, cybercriminals remain focused on the two largest economies in the region—the UAE (40% of all posts) and Saudi Arabia (26%). The spotlight on darknet forums is on the public sector, which accounted for 21% of all analyzed posts. Most of the data (63%) related to regional government institutions was published for free as part of hacktivist attacks. Next in line for most popular on the dark web are commerce (16% of all ads), the service sector (15%), and financial institutions (13%).
Amid geopolitical tensions, hacker groups have ramped up calls for DDoS attacks and breaches to disrupt government institutions in the region. In the first half of 2024, the number of reports on the results of DDoS attacks on the dark web surged by 70% compared to the same period in 2023. Beyond the public sector, hacktivists also targeted the financial and transportation sectors.
According to the research, 33% of all the analyzed ads were linked to data breaches. One-third of these messages were about selling information. In these ads, criminals primarily offered databases stolen from major commerce companies, with an average cost of $2,300.
Positive Technologies analyst Anastasiya Chursina commented, “When compared to our previous research over a similar period, the share of freely distributed data almost doubled (up to 59%). This allows criminals to broaden the profiles of potential victims for targeted attacks. If the victim refuses to pay the ransom, both ransomware groups, as well as hacktivists (whose goal is to draw public attention to a political stance rather than just receive financial gain), can distribute data for free.”
Accessing company information resources is the second most common type of dark web ads, making up 21% of all listings. According to the research, in 70% of all cases, access can be bought for less than $1,000. The vast amount of access-for-sale ads on the darknet and their low cost make it easier for cybercriminals to gain initial access and launch attacks on organizations in the region.
Positive Technologies recommends that companies build their defences based on result-driven cybersecurity, using modern tools such as application-level firewalls, including cloud versions, network traffic analysis systems, solutions for monitoring information security events and managing incidents, as well as metaproducts.
Homeland Security
Homeland Security Market is Expected to Surpass $900 Bn By 2032
The Homeland Security market is set to grow from its current market value of more than $567.7 Billion to over $900 Billion by 2032; as reported in the latest study by Global Market Insights, Inc. The increasing number of immigration, drug trafficking, and smuggling activities worldwide and the subsequent need for advanced border security solutions will influence the market growth. For example, in January 2024, the Drug Enforcement Administration’s Washington Division constituting the District of Columbia, Maryland, and Virginia disclosed that it had confiscated over 639,000 fentanyl pills as well as 189 pounds of fentanyl powder in 2023.
Lately, homeland security is witnessing a growing involvement from the private sector, which is offering technology solutions, security services, and safeguarding critical infrastructure. To that end, several leading companies are partnering with government entities to bolster security protocols across diverse sectors, such as transportation, energy, and healthcare. To cite an instance, in July 2024, Great British Energy joined forces with The Crown Estate, with the potential to leverage nearly £60 billion of private investment, to drive energy independence in the U.K.
The Homeland Security market from the maritime security segment is projected to record notable growth up to 2032. Maritime regions face numerous threats, including terrorism, piracy, smuggling of illicit goods, such as drugs and weapons, and illegal immigration. These challenges necessitate stringent security measures to safeguard coastlines, ports, and vessels. Surging technological advances like surveillance systems, radar technologies, autonomous vessels, and cybersecurity measures, are also enhancing maritime security capabilities and driving the need for updated security infrastructure.
The Homeland Security market from the security platforms technology segment is expected to record considerable CAGR till 2032. With several countries investing in infrastructure development, including energy grids, transportation networks, and communication systems, the need to protect these assets from physical and cyber threats has grown paramount. To that end, homeland security platforms are largely favoured for safeguarding critical infrastructure from potential attacks. The strong demand for transparency and accountability in security operations along with the growing efforts to provide real-time monitoring, data collection, and reporting capabilities will drive market expansion.
The APAC homeland security market is set to exhibit robust growth by 2032, on account of hefty investments for the modernization of military and security forces. Governments in the region are broadening their defence budgets to cater to growing security threats, including terrorism, cyberattacks, border disputes, and internal unrest. The strong need for urban security solutions to protect critical infrastructure, public spaces, and mass transit systems from terrorist attacks will influence the regional industry demand.
Some of the prominent homeland security market players include BAE Systems, Boeing, General Dynamics, Lockheed Martin, Northrop Grumman, Raytheon Technologies, and Thales Group. These firms are committing to the development of cutting-edge solutions to scale their revenue sales. For instance, in April 2024, the Missile Defense Agency selected Lockheed Martin to design a next-generation interceptor for homeland defence to offer protection against intercontinental ballistic missiles.
Cyber Security
Global Cybersecurity Efforts Gain Momentum, But More Action Needed
Countries around the globe are improving cybersecurity efforts, but stronger actions are needed to meet evolving cyber threats, according to the Global Cybersecurity Index 2024, released today by the International Telecommunication Union (ITU). On average, countries have taken more cybersecurity-related actions and improved their cybersecurity commitments since the last index was released in 2021.
Worrisome threats highlighted in the report include ransomware attacks targeting government services and other sectors, cyber breaches affecting core industries, costly system outages, and breaches of privacy for individuals and organizations. “Building trust in the digital world is paramount,” said Doreen Bogdan-Martin, ITU Secretary-General. “The progress seen in the Global Cybersecurity Index is a sign that we must continue to focus efforts to ensure that everyone, everywhere can safely and securely manage cyber threats in today’s increasingly complex digital landscape.”
ITU’s Global Cybersecurity Index 2024 (GCI 2024) assesses national efforts across five pillars, representing country-level cybersecurity commitments: legal, technical, organizational, capacity development, and cooperation. GCI 2024 also uses a new five-tier analysis, a shift that allows a greater focus on each country’s advances with cybersecurity commitments and resulting impacts.
The report places 46 countries in Tier 1, the highest of the five tiers, reserved for “role modelling” countries that demonstrate a strong commitment to all five cybersecurity pillars. Most countries are either “establishing” (Tier 3) or “evolving” (Tier 4) in terms of cybersecurity. The 105 countries in these tiers have largely expanded digital services and connectivity but still need to integrate cybersecurity measures. A “cyber capacity gap” – characterized by limitations in skills, staffing, equipment and funding – was evident in many countries and across all regional groups.
“The Global Cybersecurity Index 2024 shows significant improvements by countries that are implementing essential legal measures, plans, capacity building initiatives, and cooperation frameworks, especially in strengthening incident response capabilities,” said Cosmas Luckyson Zavazava, Director of ITU’s Telecommunication Development Bureau. “ITU’s cybersecurity projects and programmes are supporting those national efforts to more effectively manage cyberthreats, and I hope that the progress demonstrated by this latest index encourages countries to do more in developing secure and trustworthy digital systems and networks.”
According to GCI 2024, the African region has advanced the most in cybersecurity since 2021. All world regions have shown improvement since the last report. The world’s least developed countries (LDCs) have also started making gains, though they still need support to advance further and faster. GCI 2024 data shows that the average LDC has now reached the same level of cybersecurity status that many of the non-LDC developing countries had in 2021.
Land-locked developing countries (LLDCs) and small island developing states (SIDS) continue to face resource and capacity constraints on cybersecurity efforts. GCI 2024 includes individual assessments and provides a clear status report and a roadmap of activities to make further progress on cybersecurity.
Legal measures are the strongest cybersecurity pillar for most countries: 177 countries have at least one regulation on either personal data protection, privacy protection, or breach notification in force or progress. Computer Incident Response Teams (CIRTs) are crucial for national cybersecurity: 139 countries have active CIRTs, with various levels of sophistication, up from 109 in the 2021 index.
National Cybersecurity Strategies (NCS) are becoming more prevalent: 132 countries have a National Cybersecurity Strategy as of 2024, up from 107 in the 2021 index. Cyber awareness campaigns are widespread: 152 countries have conducted cyber awareness initiatives targeting the general population, with some also targeting specific demographics such as vulnerable and underrepresented populations, to create a culture of cybersecurity and address potential risks.
Incentives for the cybersecurity industry continue evolving: Governments are promoting the cybersecurity industry through incentives, grants, and scholarships, aiming to enhance cybersecurity skills and foster research in the field, with 127 countries reporting some form of cybersecurity-related research and development. Many countries cooperate on cybersecurity through existing treaties: 92% of countries (166) reported being part of an international treaty or comparable cooperation mechanism for cybersecurity capacity development, information sharing, or both. Putting cybersecurity agreements and frameworks into practical operation remains challenging.
Capacity development and technical pillars are relatively weak in most countries. 123 countries reported having training for cybersecurity professionals, up from 105 in 2021. In addition, 110 countries had frameworks to implement nationally or internationally recognized cybersecurity standards, up from 103 in 2021. Capacity development initiatives need to be reinforced: 153 countries have integrated cybersecurity into national curricula at some level, but cybersecurity training and awareness-raising vary widely across regions. Developing a strong domestic cybersecurity industry is essential to sustain progress.
Countries need to focus on protecting children online: 164 countries have legal measures in place for child online protection; only 94 countries reported associated strategies and initiatives, indicating a gap in implementation. As cybersecurity continues to evolve, GCI offers a clear picture of where countries are and a roadmap of activities to make progress. The report offers 11 key recommendations, from enhancing critical infrastructure to providing cybersecurity training.
GCI 2024 suggests that countries can prioritize high-impact activities, including:
- Implementing legal measures applicable across all sectors
- Developing and regularly updating a comprehensive national cybersecurity strategy and a practical, concrete action plan
- Enhancing incident-response capabilities
- Delivery of capacity building and training to cybersecurity professionals, youth and vulnerable groups to strengthen cybersecurity skills
- Fostering domestic and international cooperation and collaboration on information-sharing, training opportunities, and capacity development
ITU, the UN Agency for Digital Technologies, aims to connect the estimated 2.6 billion people who currently remain offline. Most of the globe’s offline population lives in developing countries, with the widest gaps in the least developed countries.
-
Cyber Security1 week ago
Global Cybersecurity Efforts Gain Momentum, But More Action Needed
-
Cyber Security1 week ago
Proofpoint Sets New Standard for Human-Centric Security
-
Homeland Security1 week ago
Homeland Security Market is Expected to Surpass $900 Bn By 2032
-
Homeland Security1 week ago
Lockheed Martin Delivers C-130J Super Hercules to Egypt
-
Events1 week ago
GITEX Digi_Health 5.0 Expo-Summit Asia Launches in Thailand
-
Cyber Security2 days ago
UAE and Saudi Arabia Face Unprecedented 70% Rise in Threats: Positive Technologies
-
Cyber Security2 days ago
BotGuard OÜ to Offer Live Demos at GITEX GLOBAL 2024
-
Cyber Security14 hours ago
AmiViz Champions Cybersecurity Innovation at Leading MENA Events