Adrian Johnson
TLDR:
- Published vulnerabilities rose by 43% in H1 2024 compared to H1 2023.
- Attackers heavily targeted flaws in VPNs and other perimeter devices for initial access.
Published vulnerabilities surged by 43% in the first half of 2024 compared to the same period in 2023, according to a report from Forescout. This increase was primarily driven by attackers targeting flaws in virtual private networks (VPNs) and other perimeter devices for initial access. The majority of these vulnerabilities had medium or low severity scores, with only 9% classified as critical.
The report also highlighted that 87 CVEs were added to the US CISA Known Exploited Vulnerabilities catalog in H1 2024, affecting various vendors including Microsoft, Google, and Apple. The threat actors behind these attacks were mostly from China, Russia, and Iran, with cybercriminals being the most common type of actor followed by state-sponsored actors and hacktivists.
Ransomware attacks continued to rise, with a 6% increase in H1 2024 compared to the previous year. The landscape of ransomware attacks has become more fragmented, with the top 10 groups accounting for a smaller percentage of attacks. LockBit was identified as the most active group, despite law enforcement operations targeting its infrastructure earlier in the year.
