Automated Toolkits Targeting Older Flaws
Automated attack toolkits remove the skill level needed to carry out attacks, enabling lesser-skilled cybercriminals to set up attack platforms to spread malware and steal data. The report found that an unpatched Java vulnerability cost one firm close to $95,000 for mitigation, lost productivity, additional monitoring, defensive controls and analysis during the incident. The Solutionary analysis found that 81 percent of the exploits identified in attacker exploit kits in 2012 were related to vulnerabilities cataloged in 2011 or earlier. The finding highlights the need for a robust patch management program at organizations.