2017 Vulnerability Report: A Shift in Cybercriminal Preferences

March 27, 2018 • Scott Donnelly

Download Now: The Top 10 Vulnerabilities Used by Cybercriminals

Defenders continuously face the challenge of making remediation decisions around vulnerabilities without access to all of the facts. For example, it can be difficult to find the exploits that actually affect your business in the official vulnerability databases or even scanning tools. There’s simply too much information.

To provide a little more context, every year we analyze thousands of sources, including code repositories, deep web forum postings, and dark web onion sites to bring you the top 10 vulnerabilities used by cybercriminals.

Here’s a brief snapshot of what we found from 2017 activity.

Microsoft Is the New Favorite

In our 2016 vulnerability report, we found that Adobe Flash accounted for six of the top 10 vulnerabilities. This came as no surprise since Flash regularly tops yearly vulnerability reports.

This past year, however, something shifted. Our analysis identified a shift in preference from Adobe to Microsoft consumer product exploits. Seven of the top 10 vulnerabilities exploited by phishing attacks and exploit kits are utilizing Microsoft products. This is in stark contrast to our previous rankings.

Analysis of these sources from January 1, 2017 to December 31, 2017 shows that Adobe is still somewhat popular among cybercriminals but quickly declining.

Some of this change is due to evolving criminal use of exploited vulnerabilities. Overall, exploit kits are declining as criminal efforts have adapted — cryptocurrency mining malware popularity has risen in the past year, for example.

Covering All the Bases

It’s a lot of information, so every week for the next four weeks, we’ll release a blog post focusing on a specific part of the report. Stay tuned for an in-depth look at why Flash is no longer the preferred exploit of cybercriminals, which specific Microsoft vulnerabilities to watch out for, what CVSS scores really mean, and more.

You can also download “The Top 10 Vulnerabilities Used by Cybercriminals” report to look further into why the criminal underground is shifting, what other vulnerabilities are being actively exploited, and what you can do to defend against them.

Related Posts

Endpoint Security in Action: How Security Intelligence Provides Protection for Endpoints

Endpoint Security in Action: How Security Intelligence Provides Protection for Endpoints

January 22, 2020 • The Recorded Future Team

The majority of successful IT infrastructure breaches originate at endpoint devices An attack may...

How to Empower Your SOC With Security Intelligence

How to Empower Your SOC With Security Intelligence

January 21, 2020 • The Recorded Future Team

Editor’s Note: Over the next several weeks, we’ll be sharing excerpts from the newly released...

How Security Intelligence Enhances Cloud Security

How Security Intelligence Enhances Cloud Security

January 16, 2020 • The Recorded Future Team

As cybercriminals continue to target the resource-rich cloud environment, security teams...