December 8, 2023 at 12:20PM
Insider threats using privilege escalation flaws are on the rise, with 55% of incidents relying on privilege escalation exploits and 45% introducing risks through downloading risky tools. Crowdstrike reports that insider attacks cost an average of $648,000 for malicious and $485,000 for non-malicious incidents. Additionally, introducing flaws into networks increases security risk.
Based on the meeting notes, the key takeaways are:
1. Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks.
2. According to a report by Crowdstrike, insider threats are on the rise, with 55% relying on privilege escalation exploits and 45% introducing risks by downloading or misusing offensive tools.
3. Attacks launched from within targeted organizations cost an average of $648,000 for malicious and $485,000 for non-malicious incidents.
4. The most exploited flaws for local privilege escalation by rogue insiders include CVE-2017-0213, CVE-2022-0847, CVE-2021-4034, CVE-2019-13272, CVE-2015-1701, and CVE-2014-4113.
5. Nearly half of the insider incidents recorded by Crowdstrike concern unintentional mishaps like exploit testing getting out of control and executing offensive security tools without appropriate protection measures.
6. Introducing these flaws into corporate networks can increase the overall security risk by providing threat actors with additional vectors for exploitation, and fake proof-of-concept exploits or security tools can install malware on devices.
If you need further analysis or documentation on any specific aspect from the meeting notes, please let me know.