Exploit Kits Disappearing as Cloud and Mobile Security Challenges Grow

Cisco released its 2017 Midyear Cybersecurity Report on July 20, revealing trends old and new about the state of threats impacting organizations around the world. A number of those trends are positive ones, including the decline of exploit kits in 2017 as the Nuclear and Angler kits have begun to fade away. The time to detection of new threats is also continuing to improve; the median time between compromise and detection of a threat was approximately 3.5 hours for the period from November 2016 to May 2017, compared with 39.2 hours for November 2015. In this slide show, eWEEK takes a look at some of the highlights of the Cisco 2017 Midyear Cybersecurity Report.

Exploit Kit Use Declines

According to Cisco, exploit kit attacks have been declining at a rapid rate, with the Angler and Nuclear exploit kits largely ceasing operations.

.ZIP Still the Most Widely Used File Extension for Malware

Although malware can be delivered in many ways with different file extensions, the .zip file extension remains the most popular.

Time to Detection Improving

Cisco defines the time-to-detection (TTD) metric as the window of time between a compromise and the detection of a threat. TTD has been improving over time, with a median time of approximately 3.5 hours for the period from November 2016 to May 2017, compared with 39.2 hours for November 2015.

Server Vulnerabilities Continuing to Grow

While vulnerabilities continue to be found in server, endpoint and networking components, Cisco reported that more are found in servers than anywhere else.

Buffer Errors Remain Top Threat Category

The most common type of coding error that criminals exploit is the buffer error, which enables attackers to abuse memory to exploit running processes and applications.

Misconfigured Memcached Servers Are a Risk

Memcached is a widely deployed memory object caching system used on databases and servers. Cisco's research revealed that a large percentage (79 percent) of memcached servers are vulnerable to attack due to authentication issues.

Privileged Accounts Need to Be Restricted

Many breaches are the result of privileged account abuse. Cisco's research reveals that most organizations have limited needs for privileged accounts and can remove up to 75 percent of privileges from administrative accounts with little or no business impact.

Most Organizations Use Six or More Security Vendors

Sixty-six percent of organizations that Cisco surveyed admitted to using six or more security vendors or products to help protect their organizations.

Attacks Lead to Revenue Loss

Cyber-attacks have a financial impact on business. Cisco found that 34 percent of service providers reported revenue losses due to cyber-attacks in the past year.

Cloud and Mobile Security Are Challenging

In the survey, Cisco asked security professionals about challenges they face, and 59 percent reported that cloud infrastructure and mobile devices are among the most challenging to defend against attacks.
