Server-Side Exploits Dominate Threat Landscape and OT Vulnerabilities Rise 120 Percent Says Skybox Security's Inaugural Vulnerability and Threat Trends Report
Analysis of 2017 threat landscape trends shows that assets most difficult to patch are increasingly vulnerable
SAN JOSE, Calif., Feb. 07, 2018 (GLOBE NEWSWIRE) -- Skybox(TM) Security, a global leader in cybersecurity management, announced today the release of its inaugural Vulnerability and Threat Trends Report, which analyzes vulnerabilities, exploits and threats in play in 2017. The report, compiled by the team of research analysts at the Skybox Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape.
A trend observed for the last several years has seen threat actors turn cybercrime into a money-making machine. An integral part of this approach means taking the path of least resistance: leveraging existing attack tools rather than developing new ones, using the same attack on as many victims as possible and targeting "low-hanging fruit." Findings of the report shed light on how those "fruits" have changed to include the assets that are generally more difficult to patch.
During 2017, the vast majority of exploits affected server-side applications (76 percent), up 17 points since 2016. Skybox Security Chief Technology Officer Ron Davidson points out that dealing with server-side vulnerabilities is always more difficult because the higher-value assets require more consideration than simply if there is a patch available or not. "As more functions rely on servers than on clients," he explains, "organizations need to have the means to understand these server-side vulnerabilities in context - of the asset criticality, the surrounding topology and security controls, and the exploit activity in the wild. Only then can they accurately decide the optimal patching priority and schedule."
The increase in server-side exploits corresponds with the continued decline in the use of exploit kits relying on client-side vulnerabilities, which accounted for only a quarter of exploits in the wild that year. This is due in part to the demise of major exploit kit players like Angler, Neutrino and Nuclear, with no comparable frontrunner rising to replace them.
"This does not mean, however, exploit kits are gone," said Marina Kidron, senior security analyst and group leader of the Skybox Research Lab. "If there's one thing we know about cybercriminals, it's that they're constantly changing tactics, and so the next 'exploit kit giant' is very likely in development as we speak. We also suspect that some kits have 'gone private,' and are used exclusively by their developers in hopes of prolonging their viability."
Instances of newly-published sample exploit code have also increased, with the monthly average jumping 60 percent in 2017. With minimal adjustments - or none at all - attackers can turn these samples into fully functioning exploits for their own use. This scenario was the case with the NSA EternalBlue exploit leaked by The Shadow Brokers and used in the WannaCry and NotPetya attacks, among others. Such leaks are putting advanced attack tools in the hands of lower-skilled cyberattackers, enhancing the capabilities of an already well-outfitted threat landscape.
"Organizations need to stay up to speed with not only active exploits in the wild," said Kidron, "but also factor in vulnerabilities with available exploit code to their prioritization processes. While the latter set doesn't represent an imminent threat, they can make the jump to active exploitation very quickly - security teams need actionable intelligence at-the-ready when they do."
The report also shows that in 2017 there was a 120-percent increase in new vulnerabilities specific to operational technology (OT) compared to the previous year (OT includes monitoring and control devices common in critical infrastructure organizations such as energy producers, utilities and manufacturers, among others). This spike is particularly concerning as many organizations have poor or non-existent visibility of the OT network, especially when it comes to vulnerabilities as active scanning is generally prohibited.
"OT is too often in the dark, and that means security management isn't getting the full picture of cyber risk in their organization," said Kidron. "Even when patchable vulnerabilities are identified, OT engineers are understandably hesitant to install the update, as it could disrupt services, cause equipment damage or even risk life and limb. Organizations with OT networks need to have strategies in place not just for OT vulnerability assessment and patching prioritization, but also to unify such processes with those in the IT network to truly understand and manage risk."
Overall, new vulnerabilities catalogued by MITRE's National Vulnerability Database doubled in 2017. The jump was largely due to organizational improvements at MITRE and increased security research by vendors and third-parties, including vendor-sponsored bug bounty programs. The result is more than 14,000 newly assigned CVEs. Whatever the reason, it introduced yet more challenges to the teams responsible for managing vulnerabilities. "In 2017, if you were still relying on traditional prioritization methods like CVSS scores only, your laundry list just got longer," said Davidson. "In the year ahead, we may well see an even higher figure. Organizations have got to take a drastically different approach to vulnerability management."
Skybox recommends establishing a threat-centric vulnerability management (TCVM) program to adapt to these changes in the threat landscape and those yet to come. The TCVM approach helps security practitioners focus on the small subset of vulnerabilities most likely to be used in an attack by analyzing them from the interconnected perspectives of the business, network and threats in play.
About Skybox Research Lab
The Skybox(TM) Research Lab is team of security analysts who daily scour data from dozens of security feeds and sources as well as investigate sites in the dark web. The Research Lab validates and enhances data through automated as well as manual analysis, with analysts adding their knowledge of attack trends, cyber events and TTPs of today's attackers. Their ongoing investigations determine which vulnerabilities are being exploited in the wild and used in distributed crimeware such as ransomware, malware, exploit kits and other attacks exploiting client- and server-side vulnerabilities.
For more information on the methodology behind the Skybox Research Lab and to keep up with the latest vulnerability and threat intelligence, visit www.vulnerabilitycenter.com.
About Skybox Security
Skybox provides the industry's broadest cybersecurity management platform, delivering comprehensive attack surface visibility. Skybox delivers the context needed to quickly identify and fix vulnerabilities and security weaknesses within large, complex networks - including physical, virtual, multi-cloud and OT environments. The Skybox(TM) Security Suite integrates with more than 120 networking and security technologies to give insight on how to improve efficiency and effectiveness of vulnerability and threat management and firewall and security policy management.
© 2018 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.
Director of Brand and Communications
408-205-1618 | Tawnya.firstname.lastname@example.org
OneChocolate for Skybox Security
North America: Brian Blank
1-415-606-8381 | email@example.com
United Kingdom: Daniel Couzens
+44 (0)20 7437 0227 | DanielC@onechocolatecomms.co.uk
Germany: Melanie Grasser
+49 (0)89 3888 920 10 | MelanieG@onechocolatecomms.de
France: Xavier Delhôme
+33 1 41 31 75 09 | firstname.lastname@example.org
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Skybox Security via Globenewswire
Om Nasdaq GlobeNewswire
One Liberty Plaza - 165 Broadway
NY 10006 New York
+1 212 401 8700http://www.nasdaqomx.com
NASDAQ (NASDAQ: NDAQ) is a leading provider of trading, exchange technology, information and public company services across six continents.
Følg saker fra Nasdaq GlobeNewswire
Registrer deg med din epostadresse under for å få de nyeste sakene fra Nasdaq GlobeNewswire på epost fortløpende. Du kan melde deg av når som helst.
Siste saker fra Nasdaq GlobeNewswire
Atico Produces 5.36 Million Pounds of Cu and 3,010 Ounces of Au in Third Quarter 201816.10.2018 22:30 | Pressemelding
VANCOUVER, British Columbia, Oct. 16, 2018 (GLOBE NEWSWIRE) -- Atico Mining Corporation (the “Company” or “Atico”) (TSX.V: ATY | OTC: ATCMF) announces its operating results for the three months ended September 30, 2018 from its El Roble mine. Production for the quarter totaled 5.36 million pounds of copper and 3,010 ounces of gold in concentrates, an increase of 5% for copper and 6% for gold, respectively, over the same period in 2017. “We are pleased to report another strong quarter of production as the El Roble mine continues to operate at a steady state level while the Company remains on track to deliver on our 2018 operational objectives,” said Fernando E. Ganoza, CEO. “For remainder of the year, we will continue optimizing the operation and executing the aggressive exploration drilling program at the El Roble property looking for additional mineralization both regionally and at mine vicinity.” Third Quarter Operational Highlights Production of 5.36 million pounds of copper contain
SoftServe’s Research Team Takes Prize at Samsung AI Challenge16.10.2018 21:16 | Pressemelding
Artificial intelligence leveraged to deblur and dehaze photos and videos with exceptional quality AUSTIN, Texas, Oct. 16, 2018 (GLOBE NEWSWIRE) -- SoftServe, a leading digital authority and consulting company, announced its researchers won second place at the Samsung AI Challenge 2018 with innovative neural image restoration enhancement for mobile and embedded devices. “Artificial intelligence is at the center of future-proofing technologies for many businesses today,” said Serge Haziyev, senior vice president for Advanced Technology at SoftServe. “The opportunities for AI are endless and we are proud of our team and their commitment to creating an innovative AI algorithm that pushed the boundaries of existing deblurring and dehazing technologies as part of Samsung’s AI Hackathon.” The winning team, made up of SoftServe research engineers, Volodymyr Budzan and Orest Kupyn, participated in the worldwide event developing a solution that uses state-of-the-art deep learning and computer vi
IRYStec Selected as CIX Top 20 Innovator for 2018!16.10.2018 17:52 | Pressemelding
MONTREAL, Oct. 16, 2018 (GLOBE NEWSWIRE) -- IRYStec Software Inc., today announced it was selected as one of the CIX Top 20 most innovative companies of 2018 in Canada. Chosen from hundreds of profiles by industry experts and investors, the winner will represent Canada at the Start-up World Cup Grand Finale In 2019! The CIX Top 20 program is Canada’s largest national showcase of the 20 hottest and most innovative tech companies. Hundreds of applications are submitted each year from across Canada and the CIX Selection Committee evaluates and selects 20 based on 5 criteria: Business Model, Quality of Product and Service Offering, Innovation, Market Opportunity and Depth of Management. CTO and Co-founder, Tara Akhavan, will be presenting at CIX 2018 on Oct 23 at 1 PM. Both Tara and Simon Morris, CEO, will be attending both days demonstrating why all displays in the near future will be perceptual displays driven by IRYStec’s Perceptual Display Platform technology. A crowd of over 800 inves
Strategic Tax Leaders are Preparing Now for Tax Reform 2.016.10.2018 15:15 | Pressemelding
ATLANTA, Oct. 16, 2018 (GLOBE NEWSWIRE) -- This year organizations adjusted their tax approach due to the passing of the Tax Cuts and Jobs Act. Strategic tax teams are continuing to prepare for another round of amendments with the potential for Tax Reform 2.0. “Change is inevitable, so organizations can’t get complacent with their tax strategy,” said Nick Alexander, Senior Product Manager at PowerPlan. “Tax teams should maximize their use of technology to help them stay ahead of future modifications of tax code to minimize disruption to their financials, processes and compliance.” PowerPlan has published a new article, Get Ready: Reform Isn’t Over, which further covers the potential impacts of Tax Reform 2.0 and shares how tax teams can prepare. To access the article, please visit: http://bit.ly/2NE8ZDO. About PowerPlan PowerPlan software provides financial insight into how complex rules and regulations impact your organization – empowering you to make credible decisions that improve o
€1.6bn investment project kickstarts Lithium Werks’ battery gigafactories vision16.10.2018 14:38 | Pressemelding
THE HAGUE, Netherlands, Oct. 16, 2018 (GLOBE NEWSWIRE) -- Dutch energy storage and battery company Lithium Werks B.V. (www.lithiumwerks.com) and Chinese Zhejiang Jiashan Economic and Technological Development Zone Industry Corporation have signed a framework agreement with the intention to construct a 60 hectares battery gigafactory in the Yangtze river Delta. Total investments required are estimated at €1.6 billion. The Lithium Werks factory and related facilities will produce battery cells for lithium-ion batteries, enabling the energy transition from fossil fuels to clean energy in order to reduce CO2 emissions. Lithium Werks expects to have installed production capacity of 500 GWh per annum by 2030 as it continues to contribute to the shift to a carbon neutral world. “With our Chinese partners’ help, and as we continue to grow both organically and through acquisitions, we will deliver the energy storage solutions that our customers increasingly ask for as the world transitions to c
Global Beverage and Food Launches With Stevia Are Up Sharply In 201816.10.2018 14:00 | Pressemelding
New Products Launched Globally with Stevia Post a +27% Increase in the First Half of 2018 vs the Same Period in 2017 CHICAGO, Oct. 16, 2018 (GLOBE NEWSWIRE) -- PureCircle (LSE: PURE), the world's leading producer and innovator of great-tasting stevia sweeteners, reports launches of new food and beverage products containing stevia leaf sweeteners increased significantly in the first six months of 2018 vs the comparable period in 2017. The data used in this release was provided by Mintel Global New Products Database (GNPD)*. Specifically, new product launches with stevia rose +27% globally. About one-third of foods and beverages launched using high-intensity sweeteners** contained stevia this year, nearly double the rate when compared to the first six months in 2012. Looking at results separately for global beverages and foods, launches of beverage products containing stevia grew 33% in the first half of 2018. Launches of food products with stevia grew 23%. As evidenced by this growth da
I vårt presserom finner du alle våre siste saker, kontaktpersoner, bilder, dokumenter og annen relevant informasjon om oss.Besøk vårt presserom