The analysis shows trends of cybercriminals and their favorite attack vectors.
Kaspersky Lab has provided an overview of changes in the cyber threat landscape for the first quarter of 2024. The report notes an increase in the number of software vulnerabilities, which highlights the importance of responding to new threats in a timely manner.
According to statistics, the last 5 years show a steady increase in the number of vulnerabilities registered with CVE identifiers. This trend is associated with the development of Bug Bounty programs and competitions to find security flaws, which encourages scientific research in this area.
In addition, developers of popular software, operating systems, and programming languages are implementing more and more effective protection and monitoring mechanisms, which also leads to frequent vulnerability detection. Finally, as the complexity and number of software products increases, so does the likelihood of new vulnerabilities.
In 2023, a record number of critical vulnerabilities were registered. For example, the share of critical vulnerabilities in the first quarter of 2024 remains high, which indicates the need to strengthen protective measures and implement patch management.
The report also highlights the importance of exploits-programs that can exploit vulnerabilities for malicious purposes. Statistics show that the greatest interest among attackers is caused by vulnerabilities that allow you to gain control over the system. For example, the RCE vulnerability CVE-2023-28831 (CVSS score: 7.8) in WinRAR was particularly popular among exploit developers.
Additionally, an analysis of exploiting vulnerabilities in APT attacks that target organizations ' infrastructure is provided. In 2023, vulnerabilities in remote access services and access control mechanisms were particularly actively exploited.
The first quarter of 2024 saw a significant number of exploits targeting Microsoft Exchange servers. In addition, many exploits affected various software products (Other) used in business systems to solve a variety of tasks, which is associated with a wide range of software that can be integrated into corporate networks.
According to Kaspersky Lab, attacks with the following entry points are currently popular with attackers:
In conclusion, Kaspersky Lab experts emphasize the growing number and complexity of cyber attacks, confirming the importance of developing vulnerability monitoring systems, operational patch management, and training employees in the basics of cybersecurity. Such measures will allow companies to maintain security and quickly respond to the changing threat landscape.
Kaspersky Lab has provided an overview of changes in the cyber threat landscape for the first quarter of 2024. The report notes an increase in the number of software vulnerabilities, which highlights the importance of responding to new threats in a timely manner.
According to statistics, the last 5 years show a steady increase in the number of vulnerabilities registered with CVE identifiers. This trend is associated with the development of Bug Bounty programs and competitions to find security flaws, which encourages scientific research in this area.
In addition, developers of popular software, operating systems, and programming languages are implementing more and more effective protection and monitoring mechanisms, which also leads to frequent vulnerability detection. Finally, as the complexity and number of software products increases, so does the likelihood of new vulnerabilities.
In 2023, a record number of critical vulnerabilities were registered. For example, the share of critical vulnerabilities in the first quarter of 2024 remains high, which indicates the need to strengthen protective measures and implement patch management.
The report also highlights the importance of exploits-programs that can exploit vulnerabilities for malicious purposes. Statistics show that the greatest interest among attackers is caused by vulnerabilities that allow you to gain control over the system. For example, the RCE vulnerability CVE-2023-28831 (CVSS score: 7.8) in WinRAR was particularly popular among exploit developers.
Additionally, an analysis of exploiting vulnerabilities in APT attacks that target organizations ' infrastructure is provided. In 2023, vulnerabilities in remote access services and access control mechanisms were particularly actively exploited.
The first quarter of 2024 saw a significant number of exploits targeting Microsoft Exchange servers. In addition, many exploits affected various software products (Other) used in business systems to solve a variety of tasks, which is associated with a wide range of software that can be integrated into corporate networks.
According to Kaspersky Lab, attacks with the following entry points are currently popular with attackers:
- remote access services (Ivanti, ScreenConnect);
- access control mechanisms (Windows SmartScreen);
- office applications.
In conclusion, Kaspersky Lab experts emphasize the growing number and complexity of cyber attacks, confirming the importance of developing vulnerability monitoring systems, operational patch management, and training employees in the basics of cybersecurity. Such measures will allow companies to maintain security and quickly respond to the changing threat landscape.
