ICYMI: The inaugural study on EPSS performance and broader vulnerability exploitation trends published this week. If you've ever wanted data-driven answers to questions like these listed in the ToC shown here, download it today (free, no registration req'd): https://www.cyentia.com/epss-study/

#vulnerabilitymanagement #vulnerability #vulnerabilities
#vulnerability_exploits #exploit #exploitation #cyberattack #cyberattacks #epss #cvss #kev

If you took all vulnerability exploitation attempts targeting your organization and grouped them into three buckets of new, active, and dormant - it might look like this.

The blue is the proportion of "active" exploits that your sensors have registered in the recent past.

Exploits represented by the teal area have been attacked in the past but have gone dormant for a time (it's been a while since you've seen them).

The red undercurrent corresponds to new exploits never seen before.

My takeaway? Newly exploited vulns get the most *attention*, but
the older ones get the most *action*.

#vulnerabilitymanagement #vulnerability #vulnerabilities
#vulnerability_exploits #exploit #exploitation #cyberattack #cyberattacks #epss #cvss #kev

This comes from a brand new Cyentia Institute study exploring years of exploitation activity. It's available here with no registration required: https://www.cyentia.com/epss-study/

Kaspersky Finds 24 Flaws in Chinese Biometric Hardware Provider - https://www.redpacketsecurity.com/kaspersky-finds-24-flaws-in-chinese-biometric-hardware-provider/

#threatintel #biometric_security #vulnerability_exploits #cyber_threats