Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Career Intelligence
    • Cyber Tactics
    • Cybersecurity Education & Training
    • Leadership & Management
    • Security Talk
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Interactive Spotlight
    • Photo Galleries
    • Podcasts
    • Polls
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

The Magnet Goblin group is leveraging one-day vulnerabilities

By Security Staff
Gloved hands typing on a laptop

Image via Unsplash

March 21, 2024

Recent research has shown that Magnet Goblin, a financially motivated threat actor group, exploits one-day vulnerabilities as a preliminary infection vector. The group predominantly targets public-facing servers and deploys Nerbian malware, such as NerbianRAT and MiniNerbian. Previous activities carried out by the threat actor group were detailed by security vendors, although at that point, none had been linked to a specific actor. Yet, these reports still displayed an evident methodology, including the leveraging of one-day vulnerabilities. 

Security leaders weigh in 

Casey Ellis, Founder and Chief Strategy Officer at Bugcrowd:

“1-day flaws tend not to get as much press because, frankly, the “scoop” moment has already passed. That said, since 2020 it has been an increasing trend for nation-state and financially motivated attackers to target 1-day and n-day vulnerabilities as a “wide-and-low” means of establishing opportunistic persistence.”

Darren Guccione, CEO and Co-Founder at Keeper Security:

“Speed is critical when it comes to protecting against 1-day vulnerabilities. As soon as a zero-day vulnerability has been made public, organizations and threat actors enter a race– with bad actors like Magnet Goblin seeking to exploit the vulnerability before organizations have the opportunity to patch it. Security teams must stay vigilant, regularly monitor for vulnerabilities and ensure that patches are applied in a timely manner to mitigate the risk of exploitation by malicious actors.

“Any delay in patching a known vulnerability significantly increases the risk of a successful cyber-attack. While not every attack can be prevented, steps can be taken to mitigate the access of cybercriminals and minimize impact to systems, data and operations. In the event of a cyber incident, no matter how a threat actor accesses the network, the next step is to make sure they are unable to go any further. A Privileged Access Management (PAM) solution is imperative for IT administrators and security personnel to manage and secure privileged credentials, and ensure least privilege access.”

John Gallagher, Vice President of Viakoo Labs at Viakoo:

“It’s clear that Magnet Goblin is taking the easy route; using recently disclosed vulnerabilities to exploit poorly defended systems. With many edge and IoT devices and applications there is a lag time between when a vulnerability is disclosed and when a patch is available…and then another lag time between when the patch is released and when it is implemented.  

“Often the teams managing edge and IoT systems are outside of IT, and may have different priorities or sense of urgency when it comes to patching.  

“One can expect that one day threats will be a major security issue, as the speed of AI can accelerate these specific types of threats. Until the speed of delivery by threat actors is matched by speed of response by defenders this will be an ongoing security risk.”

KEYWORDS: malware threat actor vulnerability management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Cyber tech background

    Security’s Top Cybersecurity Leaders 2026

    Security magazine’s Top Cybersecurity Leaders 2026 award...
    Cybersecurity
  • Iintegration and use of emerging tools

    Future Proof Your Security Career with AI Skills

    AI’s evolution demands security leaders master...
    Security Education & Training
    By: Jerry J. Brennan and Joanne R. Pollock
  • The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report

    The 2025 Security Benchmark Report surveys enterprise...
    The Security Benchmark Report
    By: Rachelle Blair-Frasier
Manage My Account
  • Security Newsletter
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

Hand reaching up out of the ocean

What I Learned About Burnout the Hard Way (and How to Actually Fix it)

Paparazzi

When Private Events Become Public Infrastructure: What Celebrity OSINT Teaches Security Leaders

Colorful laptop

Organizations Think They Know Who’s Visiting Their Sites. They Don’t.

Glasses in front of coding on screen

5 Ways Quantum and AI Will Rewrite the Rules of Cyberattacks

Cyber Tactics

AIBOMs: Bringing AI Security Out of the Shadows, A Practical Guide for Security Professionals

Kaseware sponsored webinar
Schneider Electric sponsored webinar

Events

August 25, 2026

Critical Infrastructure Security Is National Security: Protecting Essential Operations in an Era of Escalating Risk

LIVE: August 25, 2026 at 2 PM EDT Learn why critical infrastructure security has become a national security imperative, and the strategies organizations can adopt to improve visibility, collaboration, and response across their security operations.

August 27, 2026

Leveraging AI & Mobility to Advance Your Security Domain

LIVE: August 27, 2026 at 2 PM EDT Explore how AI-driven cloud security solutions can elevate your security domain enhancing threat detection, streamlining operations, and delivering the resilience modern organizations demand.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products


Alertmedia sponsored webinar

Related Articles

  • Keyboard

    A Chinese espionage group is targeting the IT supply chain

    See More
  • ddos-distributed-denial-service freepik

    Fancy Lazarus DDoS extortion group is back with new campaign focused on unprotected assets

    See More
  • bitcoin--crypto-currencies-freepik

    Threat group is running active cryptojacking campaign

    See More

Related Products

See More Products
  • CASP.jpg.jpg

    CASP+ CompTIA Advanced Security Practitioner Certification All-In-One Exam Guide...

  • GSEC.jpg

    GSEC GIAC Security Essentials Certification All-In-One Exam Guide, 2E

  • The Database Hacker's Handboo

See More Products

Events

View AllSubmit An Event
  • July 17, 2025

    Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

    ON DEMAND: What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo. Learn how this dynamic public environment leverages cutting-edge security technologies to protect people, animals and assets.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • Newsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2026. All Rights Reserved BNP Media, Inc. and BNP Media II, LLC.

Design, CMS, Hosting & Web Development :: ePublishing