Latest Rapid7 Report: Zero-Days & Supply Chain Risks Rise, MFA Neglected

May 24, 2024
1 min read

TLDR:

  • Zero-day attacks are increasing, along with supply chain compromises.
  • MFA remains underutilized as a defense mechanism.

Attackers are becoming more sophisticated, armed, and quick, with a surge in zero-day attacks and supply chain compromises, according to Rapid7’s 2024 Attack Intelligence Report. The report highlights the increasing use of mass compromise events arising from zero-day vulnerabilities. Criminals are utilizing bug bounty programs to access zero-day exploits, fueling the growth in these attacks. Furthermore, the report addresses the inadequate enforcement of MFA, with over 40% of incidents in 2023 attributed to missing or inconsistent MFA usage.

The report suggests the importance of proactive remedial action and a shift towards prevention, especially at the network edge, to combat the rising threat landscape. With the ongoing trend of attackers targeting less defended edge devices, the focus on defense mechanisms at the edge is crucial. MFA, likened to Crime Prevention Through Environmental Design, acts as a deterrent for less sophisticated criminals, emphasizing the need for its consistent utilization.

Overall, the report underscores the continuous evolution of cybercriminal tactics and the necessity for organizations to enhance their security measures, particularly in response to the growing prevalence of zero-day attacks and supply chain compromises.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and