Skip to main content

Server-Side Exploits Take the Lead for Financially Motivated Hackers

posted onFebruary 9, 2018
by l33tdawg

Financially motivated cybercriminals always go for low–hanging fruit. That means leveraging existing attack tools rather than developing new ones, using the same attack on as many victims as possible and targeting mass amounts of devices. Research shows that in the last few months, those “fruits” have started to include assets that are generally more difficult to patch: servers.

According to Skybox Security’s inaugural Vulnerability and Threat Trends Report, during 2017, the vast majority of exploits affected server-side applications (76%), up 17 points since 2016. At the same time, the number of known vulnerabilities doubled.

That’s savvy, because for enterprises, dealing with server-side vulnerabilities is always more difficult: the higher-value assets require more consideration than simply if there is a patch available or not. “As more functions rely on servers than on clients, organizations need to have the means to understand these server–side vulnerabilities in the context of the asset criticality, the surrounding topology and security controls and the exploit activity in the wild,” said Skybox Security CTO Ron Davidson. “Only then can they accurately decide the optimal patching priority and schedule.”




You May Also Like

Recent News

Monday, May 21st

Thursday, May 17th

Monday, May 14th

Tuesday, May 8th

Saturday, May 5th

Thursday, May 3rd

Wednesday, May 2nd