Privilege elevation exploits used in over 50% of insider attacks

Elevation of privilege flaws are the most common vulnerabilities leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner.
A report by CrowdStrike based on data gathered between January 2021 and April 2023 shows that insider threats are on the rise and that using privilege escalation flaws is a significant component of unauthorized activity.
According to the report, 55% of insider threats logged by the company rely on privilege escalation exploits, while the remaining 45% unwittingly introduce risks by downloading or misusing offensive tools.
CrowdStrike also categorizes incidents as insider threats when they are not malicious attacks against a company, such as using exploits to install software or perform security testing.
In these cases, although the exploits are not used to attack the company, they are commonly used in a risky manner, potentially introducing threats or malware to the network that threat actors could abuse.
The above flaws are already listed in CISA's Known Exploited Vulnerabilities Catalog as they have been historically used in attacks by threat actors.