Hackers were much faster to exploit software bugs in 2021, with the average time to exploitation down from 42 days in 2020 to just 12 days.
That marks a 71% decrease in ‘time to known exploitation’ or TTKE, according to security firm Rapid7’s new 2021 Vulnerability Intelligence Report. The main reason for the reduction in TTKE was a surge in widespread zero-day attacks, many of which were used by ransomware gangs, according to the company.
As Rapid7 notes, 2021 was a grim year for defenders. It kicked off with the SolarWinds Orion supply chain attack, which was pinned on Russian state-sponsored hackers, and ended with the very different Apache Log4j flaw, which had no obvious main attacker but was spread across millions of IT systems.
Source: ZDNet