1. Exploit Kits Disappearing as Cloud and Mobile Security Challenges Grow
Cisco released its 2017 Midyear Cybersecurity Report on July 20, revealing trends old and new about the state of threats impacting organizations around the world. A number of those trends are positive ones, including the decline of exploit kits in 2017 as the Nuclear and Angler kits have begun to fade away. The time to detection of new threats is also continuing to improve; the median time between compromise and detection of a threat was approximately 3.5 hours for the period from November 2016 to May 2017, compared with 39.2 hours for November 2015. In this slide show, eWEEK takes a look at some of the highlights of the Cisco 2017 Midyear Cybersecurity Report.
2. Exploit Kit Use Declines
Exploit kit attacks have been declining at a rapid rate, according to Cisco, with the Angler and Nuclear exploit kits largely ceasing operations.
3. .ZIP Still the Most Widely Used File Extension for Malware
Although malware can be delivered in many ways with different file extensions, the .zip file extension remains the most popular.
4. Time to Detection Improving
Cisco defines the time-to-detection (TTD) metric as the window of time between a compromise and the detection of a threat. TTD has been improving over time, with a median time of approximately 3.5 hours for the period from November 2016 to May 2017, compared with 39.2 hours for November 2015.
5. Server Vulnerabilities Continuing to Grow
While vulnerabilities continue to be found in server, endpoint and networking components, Cisco reported that more are found in servers than anywhere else.
6. Buffer Errors Remain Top Threat Category
The most common type of coding error that criminals exploit is the buffer error, which enables attackers to abuse memory to exploit running processes and applications.
7. Misconfigured Memcached Servers Are a Risk
Memcached is a widely deployed memory object caching system used on databases and servers. Cisco’s research revealed that a large percentage (79 percent) of memcached servers are vulnerable to attack due to authentication issues.
8. Privileged Accounts Need to Be Restricted
Many breaches are the result of privileged account abuse. Cisco’s research reveals that most organizations have limited needs for privileged accounts and can remove up to 75 percent of privileges from administrative accounts with little or no business impact.
9. Most Organizations Use Six or More Security Vendors
Sixty-six percent of organizations that Cisco surveyed admitted to using six or more security vendors or products to help protect their organizations.
10. Attacks Lead to Revenue Loss
Cyber-attacks have a financial impact on business. Cisco found that 34 percent of service providers reported revenue losses due to cyber-attacks in the past year.
11. Cloud and Mobile Security Are Challenging
In the survey, Cisco asked security professionals about challenges they face, and 59 percent reported that cloud infrastructure and mobile devices are among the most challenging to defend against attacks.