Total Tests:
Stay in Touch

Get exclusive updates and invitations to our events and webinars:


Your data will stay confidential Private and Confidential

Top exploit list highlights the long tail of some vulnerabilities

By Derek B. Johnson for SC Media
Thursday, July 29, 2021

If a patch is not feasible, many of the vulnerabilities can be mitigated with workarounds or detected using indicators of compromise. Teams that struggle to keep up their patching cadence should shift to prioritize updates for vulnerabilities like these where there is evidence of active exploitation.

Ilia Kolochenko, founder of penetration testing company ImmuniWeb, said the list highlights how malicious hacking groups are gravitating towards both high-impact flaws and products with wide market reach.

“First, cybercriminals mostly target critical-risk vulnerabilities that give you full access to the vulnerable system. Second, they exploit both newly disclosed vulnerabilities, while unprepared companies remain unpatched, and pretty old ones coming from 2020 or even 2019 that are still exploitable due to persistent shadow IT or poor IT asset inventory,” said Kolochenko in a statement. “Finally, the targeted software vendors are mostly used by large enterprises (Drupal is an exception), indicating that cybercriminals are looking for a big fish.” Read Full Article


Book a Call Ask a Question
Close
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a Technical Question?

Our security experts will answer within
one business day. No obligations.

Have a Sales Question?
Email:
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
*
*
*
*
Your data will stay private and confidential