Year of GenAI 2 Threat Snapshot 3 Vulnerability Intelligence 4 Stolen Access Credentials 6 Tips 7 8 Ransomware 5 Key Findings 1 11.9 % Zoho’s ManageEngine ServiceDesk flaw 11.9 % 0-day in GoAnywhere MFT Barracuda Email Security Gateway flaw 9.6 % 28.5 % MOVEit flaw 21.4% WinRAR flaw 16.7 % Citrix Bleed Vulnerability Intelligence 4 Abusing vulnerabilities is a popular attack vector that poses a major threat against organizations’ infrastructure. Once a threat actor exploits a vulnerability and gains access to the network, they can potentially cause damage within days and gain unauthorized access to sensitive data. Therefore, it is important to update outdated and vulnerable versions of software and products used by the organization. Some of the vulnerabilities detailed below are zero-day flaws which allowed mass exploitation due to the fact they were exploited by threat actors before the flaws were discovered. This emphasizes the time-sensitivity of patching and applying relevant recommendations as soon as possible when a vulnerability is disclosed. 2023 Most Exploited CVEs: Vulnerability Intelligence 8