Share this article on:
The Rapid7 2021 Vulnerability Intelligence Report highlights 50 vulnerabilities from 2021 that posed considerable risk to businesses of all sizes, of those identified, 43 were exploited in the wild. Furthermore, vulnerabilities classified as “widespread threats” for the scale at which they were exploited increased 136 per cent over the previous year.
On any given day, security professionals must prioritise and address viable threats from an overwhelming number of reported vulnerabilities. Rapid7 researchers analyse thousands of vulnerabilities each year to understand root causes, dispel misconceptions and share information on why certain flaws are more likely to be exploited than others. From their research, the team creates a report of the highest priority CVEs based on their likelihood of widespread exploitation.
“We research and publish this report to contextualise the vulnerabilities that introduce serious risk to a wide range of organisations,” says Caitlin Condon, vulnerability research manager and lead Vulnerability Intelligence Report author.
“Our goal is to highlight exploitation trends, explore attacker use cases and offer a framework for understanding new security threats as they arise.”
Key findings from the research report include:
“In years past, vulnerabilities and hacking incidents led to fewer widespread attacks,” added Condon.
“The recent increase in ransomware, coin mining and other widespread attacks means the probability of an ‘average business’ being targeted has correspondingly increased,” Condon concluded.
[Related: Insecure configurations heighten risk for SMEs as Log4j-based malware attacks persist]