Read Time:1 Minute, 32 Second

Cyber attacks have dramatically improved in the last few years. Many threat actors have developed more effective strategies for infiltrating their targets in a shorter period. A cybersecurity company recently released a report on its findings.

Rapid7, a cloud risk and threat detection leader, recently published its Rapid7 2022 Vulnerability Intelligence Report

According to Caitlin Condon, the company’s vulnerability research manager and report’s lead author, “Rapid7’s team of vulnerability researchers works around the clock to thoroughly investigate and provide critical context into emergent threats. We produce the annual Vulnerability Intelligence Report to help organisations understand attack trends and proactively address the unique and shared threats they face.”

The report includes attacker use cases and discusses exploitation trends. It also offers its readers a structured approach to understanding new security threats. The report’s most significant finding is that 56 per cent of vulnerabilities were exploited within the first seven days of public disclosure. Attackers are now developing and deploying ways to speed up the process of their attacks.

Fifty-six per cent is a 12 per cent increase compared to 2021 and a staggering 87 per cent increase compared to the 2020 findings. Condon added, “the ransomware ecosystem and the cybercrime economy have continued to mature and evolve. We saw many more ransomware families actively compromising organisations in 2022, naturally creating threat tracking and reporting challenges.”

The report also categorised the vulnerabilities into three categories, threats, widespread threats, and impending threats. Among the three, Rapid7 identified that many bug datasets belonged to widespread threats. This means it is more likely to impact many organisations than a targeted few.

The company also noted that attackers still use ‘celebrity’ vulnerabilities like Log4Shell and Folllina. The report also mentioned mass attacks sustained by VMware Vcenter and Horizon and Ubiquiti UniFi controllers, and Zyxel devices, as these offer initial access vectors.

Happy
Happy
0 %
Sad
Sad
0 %
Excited
Excited
0 %
Sleepy
Sleepy
0 %
Angry
Angry
0 %
Surprise
Surprise
0 %
Previous post New Cybersecurity Law Will Allow AU Government To Take Over IT After Attack
cyber security Next post Confidence in Cyber Insurance Low, Businesses Say