Attackers are weaponizing more vulnerabilities than ever before
Threat actors are stepping up their efforts to weaponize vulnerabilities affecting Adobe products, new data by RiskSense shows. In 2018, a record-breaking 177 flaws were weaponized, which is 139% higher than in 2017. The study also found that last year almost three times more vulnerabilities were exploited in the wild before a patch had been issued than was the case in 2017.
According to RiskSense CEO Srinivas Mukkamala, the findings point to “the need for a more holistic approach to vulnerability management and prioritization that is based on threat exploitability and weaponization metrics.” As an example of the shortcomings of current approaches Mukkamala points to the Neutrino and Angler exploit kits, which allowed threat actors to exploit flaws for over a year before those vulnerabilities were disclosed.