UPDATED 08:00 EDT / MARCH 27 2018

Microsoft products pass Adobe in vulnerabilities exploited by cybercriminals

Microsoft Corp. products have become the most popular attack vector for cybercriminals as use of Adobe Systems Inc. products, specifically the Flash multimedia player, has declined, a new report from Recorded Future Inc. has found.

The “Soft Target: The Top 10 Vulnerabilities Used by Cybercriminals” report found that Microsoft products accounted for seven of the top 10 vulnerability exploits adopted by exploit kits and phishing campaigns in 2017. Adobe Flash, which previously dominated the list, now has only three vulnerabilities in the top 10.

Among the exploit kits studied, three vulnerabilities exploited in 2017 were also exploited in 2016 — the first time researchers found high-level vulnerabilities that were attacked over multiple years. One example cited is CVE-2016-0189, a scripting engine memory corruption vulnerability that was first popular in 2016 and remained so in 2017.

In good news, exploit kits saw a 62 percent decline in development during 2017, with only a few specific kits such as AKBuilder, Disdain and Terror seeing significant activity. The report attributed the decline to multiple factors, such as more specific victim targeting, shifts to more secure browsers and a rise in cryptocurrency mining malware.

“Our analysis of open, deep and dark web sources identified a shift in preference from Adobe to Microsoft consumer product exploits,” the researchers said. “Criminal exploit kits and phishing campaigns favored Microsoft products in 2017… in stark contrast to our previous rankings which saw consistent exploitation of Adobe Flash vulnerabilities.”

The rise in cryptocurrency mining malware, cited by other security firms as well, featured prominently in the report. “Exploit kits are declining as criminal efforts have adapted,” it noted. “This comes as cryptocurrency mining malware popularity rose in the past year. Profiting from cryptocurrency mining has its advantages, including less time spent on collecting victim ransomware payments and the avoidance of rising bitcoin transaction fees.”

For enterprise users, the report said that “official vulnerability databases and even scanning tools cannot arm organizations with one key metric: the overlap between the vulnerabilities in the systems you use and the ones that are being actively exploited by threat actors.”

Image: xmodulo/Flickr
