Skybox Security released its inaugural Vulnerability and Threat Trends Report, which analyzes vulnerabilities, exploits and threats in play in 2017. A trend observed for the last several years has seen threat actors turn cybercrime into a money–making machine. An integral part of this approach means taking the path of least resistance: leveraging existing attack tools rather than developing new ones, using the same attack on as many victims as possible and targeting “low–hanging fruit.”
During 2017, 76 percent of exploits affected server–side applications, up 17 points since 2016. Skybox Security CTO Ron Davidson points out that dealing with server–side vulnerabilities is always more difficult because the higher–value assets require more consideration than simply if there is a patch available or not. “As more functions rely on servers than on clients,” he explains, “organizations need to have the means to understand these server–side vulnerabilities in context — of the asset criticality, the surrounding topology and security controls, and the exploit activity in the wild. Only then can they accurately decide the optimal patching priority and schedule.”
Read more about the findings of the Vulnerability and Threat Trends Report by Skybox Security on Help Net Security.