GlobeNewswire

Server-Side Exploits Dominate Threat Landscape and OT Vulnerabilities Rise 120 Percent Says Skybox Security's Inaugural Vulnerability and Threat Trends Report

Dela

Analysis of 2017 threat landscape trends shows that assets most difficult to patch are increasingly vulnerable

 

SAN JOSE, Calif., Feb. 07, 2018 (GLOBE NEWSWIRE) -- Skybox(TM) Security, a global leader in cybersecurity management, announced today the release of its inaugural Vulnerability and Threat Trends Report, which analyzes vulnerabilities, exploits and threats in play in 2017. The report, compiled by the team of research analysts at the Skybox Research Lab, aims to help organizations align their security strategy with the reality of the current threat landscape.

A trend observed for the last several years has seen threat actors turn cybercrime into a money-making machine. An integral part of this approach means taking the path of least resistance: leveraging existing attack tools rather than developing new ones, using the same attack on as many victims as possible and targeting "low-hanging fruit." Findings of the report shed light on how those "fruits" have changed to include the assets that are generally more difficult to patch.

During 2017, the vast majority of exploits affected server-side applications (76 percent), up 17 points since 2016. Skybox Security Chief Technology Officer Ron Davidson points out that dealing with server-side vulnerabilities is always more difficult because the higher-value assets require more consideration than simply if there is a patch available or not. "As more functions rely on servers than on clients," he explains, "organizations need to have the means to understand these server-side vulnerabilities in context - of the asset criticality, the surrounding topology and security controls, and the exploit activity in the wild. Only then can they accurately decide the optimal patching priority and schedule."

The increase in server-side exploits corresponds with the continued decline in the use of exploit kits relying on client-side vulnerabilities, which accounted for only a quarter of exploits in the wild that year. This is due in part to the demise of major exploit kit players like Angler, Neutrino and Nuclear, with no comparable frontrunner rising to replace them.

"This does not mean, however, exploit kits are gone," said Marina Kidron, senior security analyst and group leader of the Skybox Research Lab. "If there's one thing we know about cybercriminals, it's that they're constantly changing tactics, and so the next 'exploit kit giant' is very likely in development as we speak. We also suspect that some kits have 'gone private,' and are used exclusively by their developers in hopes of prolonging their viability."

Instances of newly-published sample exploit code have also increased, with the monthly average jumping 60 percent in 2017. With minimal adjustments - or none at all - attackers can turn these samples into fully functioning exploits for their own use. This scenario was the case with the NSA EternalBlue exploit leaked by The Shadow Brokers and used in the WannaCry and NotPetya attacks, among others. Such leaks are putting advanced attack tools in the hands of lower-skilled cyberattackers, enhancing the capabilities of an already well-outfitted threat landscape.

"Organizations need to stay up to speed with not only active exploits in the wild," said Kidron, "but also factor in vulnerabilities with available exploit code to their prioritization processes. While the latter set doesn't represent an imminent threat, they can make the jump to active exploitation very quickly - security teams need actionable intelligence at-the-ready when they do."

The report also shows that in 2017 there was a 120-percent increase in new vulnerabilities specific to operational technology (OT) compared to the previous year (OT includes monitoring and control devices common in critical infrastructure organizations such as energy producers, utilities and manufacturers, among others). This spike is particularly concerning as many organizations have poor or non-existent visibility of the OT network, especially when it comes to vulnerabilities as active scanning is generally prohibited.

"OT is too often in the dark, and that means security management isn't getting the full picture of cyber risk in their organization," said Kidron. "Even when patchable vulnerabilities are identified, OT engineers are understandably hesitant to install the update, as it could disrupt services, cause equipment damage or even risk life and limb. Organizations with OT networks need to have strategies in place not just for OT vulnerability assessment and patching prioritization, but also to unify such processes with those in the IT network to truly understand and manage risk."

Overall, new vulnerabilities catalogued by MITRE's National Vulnerability Database doubled in 2017. The jump was largely due to organizational improvements at MITRE and increased security research by vendors and third-parties, including vendor-sponsored bug bounty programs. The result is more than 14,000 newly assigned CVEs. Whatever the reason, it introduced yet more challenges to the teams responsible for managing vulnerabilities. "In 2017, if you were still relying on traditional prioritization methods like CVSS scores only, your laundry list just got longer," said Davidson. "In the year ahead, we may well see an even higher figure. Organizations have got to take a drastically different approach to vulnerability management."

Skybox recommends establishing a threat-centric vulnerability management (TCVM) program to adapt to these changes in the threat landscape and those yet to come. The TCVM approach helps security practitioners focus on the small subset of vulnerabilities most likely to be used in an attack by analyzing them from the interconnected perspectives of the business, network and threats in play.

To read the full report, click here. To learn more about Skybox TCVM, visit skyboxsecurity.com/tcvm.

About Skybox Research Lab 
The Skybox(TM) Research Lab is team of security analysts who daily scour data from dozens of security feeds and sources as well as investigate sites in the dark web. The Research Lab validates and enhances data through automated as well as manual analysis, with analysts adding their knowledge of attack trends, cyber events and TTPs of today's attackers. Their ongoing investigations determine which vulnerabilities are being exploited in the wild and used in distributed crimeware such as ransomware, malware, exploit kits and other attacks exploiting client- and server-side vulnerabilities.

For more information on the methodology behind the Skybox Research Lab and to keep up with the latest vulnerability and threat intelligence, visit www.vulnerabilitycenter.com.

About Skybox Security
Skybox provides the industry's broadest cybersecurity management platform, delivering comprehensive attack surface visibility. Skybox delivers the context needed to quickly identify and fix vulnerabilities and security weaknesses within large, complex networks - including physical, virtual, multi-cloud and OT environments.  The Skybox(TM) Security Suite integrates with more than 120 networking and security technologies to give insight on how to improve efficiency and effectiveness of vulnerability and threat management and firewall and security policy management. 

© 2018 Skybox Security, Inc. All rights reserved. Skybox Security and the Skybox Security logo are either registered trademarks or trademarks of Skybox Security, Inc., in the United States and/or other countries. All other trademarks are the property of their respective owners. Product specifications subject to change at any time without prior notice.

CONTACT INFORMATION

Skybox Security
Tawnya Lancaster
Director of Brand and Communications
408-205-1618 | Tawnya.lancaster@skyboxsecurity.com

OneChocolate for Skybox Security
North America: Brian Blank
1-415-606-8381 | brianb@onechocolatecomms.com

United Kingdom: Daniel Couzens
+44 (0)20 7437 0227 | DanielC@onechocolatecomms.co.uk

Germany: Melanie Grasser
+49 (0)89 3888 920 10 | MelanieG@onechocolatecomms.de

France: Xavier Delhôme
+33 1 41 31 75 09 | xavier@onechocolate.fr

 



This announcement is distributed by Nasdaq Corporate Solutions on behalf of Nasdaq Corporate Solutions clients.
The issuer of this announcement warrants that they are solely responsible for the content, accuracy and originality of the information contained therein.
Source: Skybox Security via Globenewswire

Om

GlobeNewswire



Följ GlobeNewswire

Abonnera på våra pressmeddelanden.

Senaste pressmeddelandena från GlobeNewswire

Karolinska Development's portfolio company Modus Therapeutics has successfully dosed first cohort in phase 1 study of subcutaneously administered sevuparin22.2.2019 08:00:00Pressmeddelande

STOCKHOLM, February 22, 2019. Karolinska Development's portfolio company Modus Therapeutics announces today that the first cohort has been successfully dosed in its phase 1 study to explore the pharmacokinetics, safety and tolerability of subcutaneous sevuparin injections in healthy adults. Modus Therapeutic develops sevuparin for diseases with high unmet medical need with a focus on sickle cell disease (SCD) - a painful, inherited blood disorder affecting millions of people around the globe. Sevuparin has the potential to improve the SCD patients' blood flow reducing their pain and the amount of time they will need to spend in hospital. Intravenously administered sevuparin is currently being tested in a phase 2 study which completed enrollment in January 2019 and will report data in mid-2019. In order to broaden sevuparins potential to help SCD patients outside of the hospital setting, Modus Therapeutics in parallel explores subcutaneously administered sevuparin. The first cohort in a

Karolinska Development's portfolio company Modus Therapeutics has successfully dosed first cohort in phase 1 study of subcutaneously administered sevuparin22.2.2019 08:00:00Pressmeddelande

STOCKHOLM, February 22, 2019. Karolinska Development's portfolio company Modus Therapeutics announces today that the first cohort has been successfully dosed in its phase 1 study to explore the pharmacokinetics, safety and tolerability of subcutaneous sevuparin injections in healthy adults. Modus Therapeutic develops sevuparin for diseases with high unmet medical need with a focus on sickle cell disease (SCD) - a painful, inherited blood disorder affecting millions of people around the globe. Sevuparin has the potential to improve the SCD patients' blood flow reducing their pain and the amount of time they will need to spend in hospital. Intravenously administered sevuparin is currently being tested in a phase 2 study which completed enrollment in January 2019 and will report data in mid-2019. In order to broaden sevuparins potential to help SCD patients outside of the hospital setting, Modus Therapeutics in parallel explores subcutaneously administered sevuparin. The first cohort in a

Arcomas CFO lämnar bolaget21.2.2019 23:50:00Pressmeddelande

Arcomas CFO, AnnaPia Johansson har valt att avsluta sin tjänst för nya utmaningar utanför Arcoma. AnnaPia arbetar oförändrat vidare i sin nuvarande tjänst fram till augusti månad eller tills att en ersättare har rekryterats. "Jag vill tacka AnnaPia för hennes ambitiösa arbete för Arcoma och samtidigt önska henne lycka i framtida utmaningar " säger Jesper Söderqvist, VD Arcoma. Om Arcoma Arcoma, med lång erfarenhet av branschen, är en ledande leverantör av integrerade digitala röntgensystem med hög kvalitet och avancerad teknik. Arcomas produkter erbjuder den senaste digitala bildtekniken kombinerat med tekniskt avancerade rörliga positioneringssystem, vilket tillsammans med ergonomisk skandinavisk design, erbjuder kunden kompletta, konfigurerbara och funktionella digitala röntgensystem. Bolagets produkter säljs via återförsäljare samt via OEM-kunder och det finns idag över 3 500 av Arcomas röntgensystem installerade i hela världen. Arcoma är listat på Nasdaq First North. Certified Advi

Corline Biomedical AB offentliggör bokslutskommuniké för räkenskapsåret 201821.2.2019 08:45:00Pressmeddelande

Corline Biomedical AB ("Corline") publicerar härmed bokslutskommuniké för det fjärde kvartalet och räkenskapsåret 2018. Nedan följer en kort sammanfattning. Fullständig bokslutskommuniké finns tillgänglig på Corlines hemsida (www.corline.se) samt som bifogad fil. VD Henrik Nittmar kommenterar "2018 blev ett genombrottsår för Corline då bolaget gick från preklinisk till klinisk fas i utvecklingen av Renaparin® i och med att RENAPAIR 01-studien öppnade för rekrytering. Nu koncentrerar vi utvecklingsresurserna på att planera inför den värdehöjande fas 2- och fas 3-utvecklingen. Jämfört med branschkollegor har Corline en särskilt gynnsam position i och med att bolaget står på flera ben och parallellt arbetar mot lansering tillsammans med kunder inom medicinteknikområdet. Ett spännande 2019 stundar." Väsentliga händelser under det fjärde kvartalet 2018 Den vetenskapliga tidskriften Transplantation publicerar resultat från den prekliniska utvecklingen av Renaparin®. Här visas i stordjursmode

Arcoma AB: Investerarmöten våren 201915.2.2019 08:46:00Pressmeddelande

15 februari 2019 PRESSRELEASE Arcoma har som ambition att fortsätta öka sitt aktieägarfokus och kontinuerligt förbättra kommunikationen med aktieägare. Under våren 2019 kommer Arcoma medverka på flertalet investerarmöten där aktuella händelser och aktiviteter presenteras. Här ges en ökad inblick i bolagets vision och strategier samt en möjlighet till att ställa frågor till bolagets ledning. SvD Börsplus Temadag "Dubblare" Dag, tid och plats: 5 mars, kl. 13.00, GT 30, Grev Turegatan 30, Stockholm Stockholm Corporate Finance Life Science event Dag, tid och plats: 14 mars, kl. 07.30, Berns, Kammarsalen, Stockholm Redeyes Medtech & Diagnostics event Dag, tid och plats: 14:e maj, Redeye, Mäster Samuelsgatan 42, Stockholm För ytterligare information, vänligen kontakta: Arcomas VD Jesper Söderqvist, Telefon: +46 470 70 69 81, E-mail: jesper.soderqvist at arcoma.se Om Arcoma Arcoma, med lång erfarenhet av branschen, är en ledande leverantör av integrerade digitala röntgensystem med hög kvalite

Corline Biomedical AB: Första patient doserad med Renaparin®15.2.2019 08:42:00Pressmeddelande

Corline Biomedical AB ("Corline" eller "Bolaget") meddelar idag att man inkluderat första patienten i fas 1-studien RENAPAIR 01. Patienten inkluderades vid transplantationsavdelningen på Uppsala Akademiska sjukhus. Renaparin® är en produkt under utveckling för att förbättra njurtransplantation. I Corlines studie RENAPAIR 01 utvärderas produkten med avseende på tolerabilitet och säkerhet. Studien öppnades för patientrekrytering i slutet av 2018 och första patient är nu doserad och inkluderad i studien. Totalt skall 18 patienter rekryteras och när de 4 första patienterna är utvärderade i Uppsala, öppnas också Karolinska Universitetssjukhuset i Huddinge för rekrytering till studien. Henrik Nittmar, VD i Corline Biomedical AB, kommenterar "Det händer mycket i Corline för tillfället och alla arbetar hårt för att målbilden i bolaget skall uppfyllas. Det gäller såväl vår interna organisation som våra externa samarbetspartners. Därför är det extra roligt när vi når avgörande milstolpar i utvec

I vårt pressrum kan du läsa de senaste pressmeddelandena, få tillgång till pressmaterial och hitta kontaktinformation.

Besök vårt pressrum