New Research Reveals 15+ Million Vulnerable Instances That Are Susceptible To APTs From CISA’s KEV Catalog

Rezilion has released its latest research report, a comprehensive analysis of the CISA Known Exploited Vulnerabilities (KEV) Catalog that reveals the vast attack surface created by software vendors’ lack of awareness and action regarding KEV vulnerabilities. These vulnerabilities are prime targets for APT groups and financially motivated threat actors.
Rezilion’s research identifies over 15 million vulnerable instances, primarily Microsoft Windows instances, and emphasizes prioritizing patching based on exploitability.
- These vulnerabilities account for less than 1% of the total vulnerabilities discovered by organizations yearly.
- Most vulnerabilities are rated as critical or high (250 marked as CRITICAL and 535 marked as HIGH).
APT groups and profit-driven threat actors, often connected to or sponsored by nation-states such as Russia, Iran, China, and North Korea, frequently exploit these vulnerabilities. Millions of systems remain vulnerable to KEV, despite the availability of patches to resolve them.
You can read the report here.
This entry was posted on March 30, 2023 at 8:03 am and is filed under Commentary with tags Rezilion. You can follow any responses to this entry through the RSS 2.0 feed.