Hackers use PoC exploits in attacks 22 minutes after release

July 14, 2024 at 11:37AM

Cloudflare’s 2024 Application Security report highlights the rapid weaponization of proof-of-concept exploits, with attackers acting as quickly as 22 minutes after publication. The report identifies the most targeted CVEs, emphasizing the need for AI assistance to develop effective detection rules. Additionally, the report reveals a significant increase in DDoS traffic, reaching 6.8% of all internet traffic.

Key takeaways from the report:

1. Threat actors are quick to weaponize available proof-of-concept (PoC) exploits, with some exploits being deployed as quickly as 22 minutes after being made publicly available.
2. Cloudflare’s Application Security report for 2024 covers activity between May 2023 and March 2024 and emphasizes emerging threat trends, including heightened scanning activity for disclosed CVEs, command injections, and attempts to weaponize available PoCs.
3. The most targeted flaws during the examined period included CVE-2023-50164 and CVE-2022-33891 in Apache products; CVE-2023-29298, CVE-2023-38203, and CVE-2023-26360 in ColdFusion; and CVE-2023-35082 in MobileIron.
4. The report highlighted an example of the rapid weaponization of a vulnerability, specifically CVE-2024-27198, an authentication bypass flaw in JetBrains TeamCity, with an attacker deploying a PoC-based exploit only 22 minutes after its publication.
5. Cloudflare recommends using AI assistance to quickly develop effective detection rules, as the speed of exploitation often outpaces the ability of humans to create WAF rules or deploy patches.
6. Cloudflare’s report also highlights a significant increase in distributed denial of service (DDoS) traffic, accounting for 6.8% of all daily internet traffic and indicating an overall increase in the volume of DDoS attacks compared to the previous 12-month period.
7. During large global attack events, malicious traffic may account for as much as 12% of all HTTP traffic, and Cloudflare blocked an average of 209 billion cyber threats each day in Q1 2024, representing a substantial increase compared to the previous year.

The full PDF report, which contains additional recommendations and deeper insights, is available for download [here](https://examplelink.com).