Vulnerabilities surge by 43 percent over 2023

Published vulnerabilities have increased by 43 percent compared to H1 2023, with 23,668 vulnerabilities reported in H1 2024 according to a new report from Forescout.

The average number of new CVEs per day is 111 or 3,381 per month, and 20 percent of exploited vulnerabilities affected VPN and network infrastructure.

"Attackers are looking for any weak point to breach IT, IoT, and OT devices, and organizations that don't know what they have connected to their networks or if it's secured are being caught flat footed," says Barry Mainz, Forescout CEO. "To mitigate these extensive threats, organizations must enhance their visibility across network infrastructure, build proactive security measures, and consider replacing outdated VPN solutions. Comprehensive security strategies, including having visibility into all devices and robust access controls, are crucial to protect against these emerging and expanding threats."

Ransomware attacks have also continued to steadily climb by six percent to 3,085 incidents, up from 2,899 during the same period last year, averaging 441 per month or 15 per day. The US has experienced half of all attacks, up slightly from 48 percent in 2023, with government, financial services organizations, and technology companies the top three targets. At the same time the number of active ransomware groups expanded by 55 percent.

Of the 740 threat actors that Forescout tracks 387 (52 percent) were active in 1H 2024. The 387 active actors are predominantly cybercriminals (50 percent), including ransomware groups, state-sponsored actors (40 percent) and hacktivists, originating, in order of frequency of attacks, from China, Russia, and Iran.

"Attackers are shifting from targeting managed endpoints to un-managed perimeter devices, due to their lack of visibility and security telemetry," says Elisa Constante, vice president of research at Forescout Research -- Vedere Labs. "To combat this, organizations must extend visibility and proactive controls to these areas. Key steps include ensuring device visibility, assessing risks, disabling unused services, patching vulnerabilities, enforcing strong credentials and MFA, avoiding direct internet exposure, and segmenting networks. These steps will help reduce breach risks and strengthen overall security."

The full report is available from the Forescout site.

Image credit: cifotart/depositphotos.com