Legacy vulnerabilities and Remote Desktop Protocol endpoints are being singled out by attackers, according to new data based on billions of recorded cyber-attacks in 2023.
Honeypot sensors set up in the UK by insurer Coalition have recorded 5.8 billion attacks so far in 2023, which works out roughly to 17 million each day.
Three-quarters targeted RDP, which enables home workers to connect to their Microsoft Windows desktops in the office.
This is a particularly popular method for ransomware actors, as RDP is often exposed through misconfigured access controls.
According to the latest figures from Coveware, RDP compromise accounted for initial access in around 25% of ransomware attacks in Q3 2023.
Unpatched legacy vulnerabilities on Coalition's honeypots were also frequently targeted by threat actors.
Bell warned that Coalition policyholders with just one unpatched critical vulnerability were 33% more likely to issue a claim.
Those who continue to use end-of-life software no longer supported by the manufacturer were three times more likely to suffer a security incident.
This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 18 Dec 2023 10:30:13 +0000