A quarter of all high-risk IT weaknesses were exploited on the same day they were published this year, according to Qualys.
A report by the IT and cloud security outfit rounding up 2023's threat landscape highlights where businesses were left vulnerable to cyber-attack through weaknesses in their IT systems.
According to the stats, 26,500 vulnerabilities were disclosed this year, with 115 of these routinely exploited by threat actors, malware, and ransomware groups. This eclipses the total number of vulnerabilities disclosed in 2022 by over 1,500.
However, only about 1% of the disclosed vulnerabilities (206) can be categorised as high risk, Qualys found.
Ransomware groups such as LockBit and Cerber exploited 20 vulnerabilities, and a further 15 vulnerabilities were exploited by malware and botnet groups.
More than a third of the 206 high-risk vulnerabilities identified could be exploited remotely, with over a third of them residing in networking infrastructure or web applications.
Most of these are found in enterprise environments or industrial control systems, and are typically used for initial access and lateral movement.
Incidents where vulnerability exploits have led to breaches include the UK’s Ministry of Defence, which suffered a data breach due to a rogue Windows 7 PC that was running outdated software on one of its manufacturing machines.
Exploitation of public-facing applications, those accessible from the internet, is the second most common attack vector. Last month's WordPress hack was one example: thousands of sites running the content management system were breached through a vulnerability in a plugin.
The most active gangs exploiting vulnerabilities this year were the CL0P ransomware gang, which is notorious for exploiting vulnerabilities, and LockBit, which operates a ransomware-as-a-service model and bypasses authentication on public-facing websites.