Cyber Threats Surge in 2024: Kaspersky Report Highlights Vulnerabilities

Kaspersky Lab has presented a review of changes in the cyber threat landscape for the first quarter of 2024, noting an increase in software vulnerabilities that underscores the importance of timely responses to new threats.

Statistics show a steady increase in the number of vulnerabilities registered with CVE identifiers over the last five years. This trend is attributed to the growth of bug bounty programs and security flaw competitions, which stimulate research in this field.

Furthermore, developers of popular software, operating systems, and programming languages are implementing increasingly effective protection and monitoring mechanisms, also leading to frequent vulnerability discoveries. As software products become more complex and numerous, the likelihood of new vulnerabilities emerging increases.

The number of newly registered CVEs, 2019 — 2024. The decline in 2024 is due to data being available for Q1 only

In 2023, a record number of critical vulnerabilities were registered. For instance, the proportion of critical vulnerabilities in the first quarter of 2024 remains high, indicating the need for enhanced protective measures and the implementation of patch management strategies.

The report also highlights the importance of exploits—programs that leverage vulnerabilities for malicious purposes. Statistics indicate that vulnerabilities that allow system control are of particular interest to cybercriminals. For example, the RCE vulnerability CVE-2023-28831 (CVSS score: 7.8) in WinRAR was especially popular among exploit developers.

The report includes an analysis of vulnerability exploitation in APT attacks targeted at organizational infrastructures. In 2023, vulnerabilities in remote access services and access control mechanisms were particularly exploited.

In the first quarter of 2024, there was a significant number of exploits aimed at Microsoft Exchange servers. Moreover, many exploits targeted various software products (“Other”) used in business systems for a variety of tasks, related to the broad spectrum of software that can be integrated into corporate networks.

The distribution of exploits for critical vulnerabilities by platform, Q1 2024

According to Kaspersky Lab, the following entry points are currently popular among cybercriminals:

• Remote access services (Ivanti, ScreenConnect);
• Access control mechanisms (Windows SmartScreen);
• Office applications.

In conclusion, experts from Kaspersky Lab emphasize the growing number and complexity of cyberattacks, confirming the importance of developing vulnerability monitoring systems, prompt patch management, and training employees in cybersecurity fundamentals. Such measures will enable companies to maintain security and respond swiftly to the evolving threat landscape.