Rise in Vulnerabilities Exploited in the Wild: Insights for Business Owners
In 2024, 768 CVEs were reported as actively exploited in the wild, a 20% increase from the 639 CVEs tracked in the preceding year. The rise points to a concerning trend for organizations as adversaries step up their targeting of vulnerabilities.
VulnCheck has characterized the year as “another banner year for threat actors,” revealing that 23.6% of known exploited vulnerabilities (KEV) were weaponized either on or before the disclosure of their associated CVEs. This represents a modest decline from 2023, when the figure was 26.8%. The implication is that exploitation can begin at any stage of a vulnerability’s lifecycle and that its timing is increasingly unpredictable.
In a report shared with The Hacker News, VulnCheck’s Patrick Garrity noted that 1% of all newly published CVEs in 2024 were officially reported as being exploited in the wild. This figure is anticipated to rise, given that many exploitation cases are discovered long after the vulnerabilities are publicly disclosed.
The report was released over two months after VulnCheck identified 15 Chinese hacking groups among the 60 named threat actors involved in exploiting a range of vulnerabilities, and it underscores the growing complexity of cybersecurity threats. Among those vulnerabilities, the notorious Log4j CVE (CVE-2021-44228) stands out, associated with the highest number of threat actors, 31 in total. The vulnerability’s impact remains significant, with VulnCheck estimating that there are over 65,245 hosts potentially vulnerable to this flaw alone.
Furthermore, approximately 400,000 internet-accessible systems are believed to be at risk of attacks associated with 15 key security weaknesses found in products from major companies such as Apache, Atlassian, Barracuda, Citrix, and Microsoft. The scale of this exposure emphasizes the necessity for business owners to take proactive measures.
In light of these findings, VulnCheck advises organizations to assess their exposure to these systems. This includes enhancing visibility into risks, utilizing robust threat intelligence frameworks, maintaining strong patch management, and implementing controls to minimize the exposure of internet-facing devices.
For decision-makers and business owners, understanding the evolving landscape of cybersecurity threats is crucial. The MITRE ATT&CK framework can provide valuable insight into the tactics and techniques adversaries employ. For example, initial access may be achieved through phishing or exploitation of known vulnerabilities, while tactics such as persistence and privilege escalation can be used to maintain access to and control over compromised systems.
Facing these challenges, organizations must remain vigilant and adaptable in their cybersecurity strategies to safeguard against the escalating tide of vulnerabilities that threaten their digital infrastructure.
The insights gleaned from the continued increase in exploited vulnerabilities serve as a call to action for business leaders, underscoring the urgent need for robust cybersecurity strategies that can anticipate, withstand, and respond effectively to sophisticated cyber threats.