April 15, 2020 • The Recorded Future Team
Vulnerabilities have long provided threat actors with a launch pad for their attacks. According to the 2019 Verizon Data Breach Investigations Report, “vulnerability exploitation” remains one of the top cyberattack methods used today. Threat actors often take the path of least resistance, seeking out weaknesses in an organization’s tech stack, then compromising them to access and steal sensitive information, or escalating privileges in search of their target.
That’s why it’s critical to identify and patch the vulnerabilities that are most likely to be exploited.
As IT environments become increasingly complex — spanning multiple data centers, cloud environments, CI/CD pipelines, and more — effective vulnerability management has become increasingly difficult for security teams. Short on time and resources, they often lack the full picture and struggle to pinpoint and address vulnerabilities presenting real risk to their organization.
Thousands of new vulnerabilities are discovered every year, so it’s natural for security teams to feel overwhelmed by the sheer volume. However, only 5.5% of those thousands of disclosed vulnerabilities are ever actually exploited in the wild. And while new threats emerge each day, only a small percentage of them are based on new vulnerabilities. The truth is, most exploits leverage just a few of the same vulnerabilities.
Recorded Future’s researchers have scoured thousands of code repositories, underground forum postings, and dark web sites to identify and rank the top 10 vulnerabilities that were actively exploited by threat actors last year. Their findings are outlined in our latest vulnerability report, “Criminal Underground Continues to Target Microsoft Products in Top 2019 Exploited Vulnerabilities List.”
Download the report to view year-over-year changes in exploit kit, phishing, and remote access trojan co-occurrences with vulnerabilities. Find out how CVSS scores correlate to actual “in the wild” severity analysis. You’ll also learn why attackers continue to target Microsoft products above all else (and how to protect these key systems).
In the report, you’ll also discover how security intelligence provides the external context you need — like insights into threat actor behaviors or how to confirm whether a vulnerability is being actively weaponized in your environment — to help your security team focus efforts and amplify impact. See how this real-time intelligence can help improve tech stack monitoring to quickly identify and mitigate issues, while bridging the risk gap between security, operations, and business leadership.
To quote Thomas à Kempis, “The acknowledgment of our weakness is the first step in repairing our loss.” Download your copy of our vulnerability report today to gain a clearer understanding of the hidden weaknesses in your organization that threat actors are actively working to exploit.