VulnCheck Report Says Exploited CVEs Up 20% In 2024

New data published by VulnCheck finds that a total of 768 CVEs were publicly reported as exploited in the wild in 2024, 20% higher than the record high of 2023 (639 CVEs). 23.6% of these vulnerabilities were zero days, down from 26.8% in 2023. Half of the CVEs were reported as exploited within 192 days of public disclosure in 2024. “Despite the buzz around zero-day exploitation, these findings indicate that exploitation can happen at any time in a vulnerability’s lifecycle,” the researchers noted.

Evan Dornbush:

I’m a huge fan of VulnCheck’s overall approach. Visibility into potential risk is critical for the modern C-suite. While, as Patrick’s blog post states, exploitation can happen at any time, patch management is essentially a solved problem with tools and services providing awareness and assistance. Two years in a row we see that a quarter of all exploits occur when only the attackers were aware of the vulnerability. As a community, we have to find ways to get that number lower. So long as attackers are the only or majority possessors of vulnerability data and exploit tools, they will maintain their advantage over the defenders.

Lawrence Pingree, VP at Dispersive, follows with this:

The primary reason for the shift to more zero days and an increase in vulnerabilities is fully expected as a nexus of trends in threat actor behavior, including:

  1. A rotation to automation of the discovery of vulnerabilities with AI.
  2. The use of behavioral systems to address and live-patch systems ahead of vulnerability patching – forcing threat actors to lesser-known techniques.
  3. Penetration of more targeted applications that are directed more at the supply chains – which tend to be weaker and harder to patch – such as firmware and centralized but exposed application services (embedded in SaaS and IoT/OT).

I would spend some time reading this report as it will guide you in terms of what to focus on so that you can keep your environment as safe as possible.
