With 2019 coming to an end, the Tenable Security Response Team reflects on the vulnerabilities and threats that had a major impact over the last year. Data breaches, malware, new vulnerabilities and exploit techniques dominated the news, as attackers and defenders continue the perpetual cat-and-mouse game. After reviewing hundreds of events, the team zeroed in on four areas of interest that highlight the significant threats we observed in 2019:
- Remote Desktop Protocol (RDP) Vulnerabilities
RDP-centric threats have always been important to monitor, but the revelation of BlueKeep added even more fuel to the fire, sounding an alarm bell on the importance of securing RDP.
- Showstopper Zero Days
While there are tens of thousands of vulnerabilities disclosed each year, a few notable, showstopper vulnerabilities emerged, primarily due to the sheer volume of devices left vulnerable in the case of URGENT/11 or the relative ease of identifying and exploiting flaws like the vBulletin RCE vulnerability.
- Speculative Execution Flaws
Over a year after the discovery of Meltdown and Spectre, CPUs remain haunted by speculative execution vulnerabilities, as researchers are keen on discovering side-channel attacks and, in some cases, resurrecting previously disclosed side-channel attacks mere months after they were originally reported.
Finally, ransomware attacks have become more and more pervasive throughout the last year, as attackers continue to enjoy massive success targeting organizations of all shapes and sizes using a number of tactics. This success has emboldened cybercriminals as they look to refine their attacks, from zero-day vulnerabilities to patched flaws, malicious spam emails and weaknesses in Remote Desktop Protocol – and we expect this trend to remain prominent in the coming year.