A new report out today from business risk intelligence startup Flashpoint has found that new vulnerabilities that were discovered rose, though not by a lot, in the first half of this year and that cybercriminals are increasingly using info-stealing malware to steal personal information.
The Flashpoint Cyber Threat Intelligence Index, based on data, trends and emerging cyberthreats observed from Jan. 1 to June 30, found that there were 17,518 newly disclosed vulnerabilities in the first half of the year, up 11% from the first half of 2023. The number of publicly known exploits rose 6% over the same period.
Over 45% of vulnerabilities disclosed in the first half of 2024 were rated high to critical according to the Common Vulnerability Score System v3.
Infostealing malware, noted in the report as one of the most significant threats of 2024, was found to have infected more than 13 million devices and compromised more than 53 million credentials in the first half of the year. The stolen data was also found to be fueling increasingly complex and damaging ransomware attacks.
The RedLine info-stealing malware was found to be the most used, accounting for just more than 3 million infected hosts, well ahead of Risepro on 879,000 and Stealc on 289,000. Through the half year, Flashpoint collected over 456 million stolen or leaked credentials.
On the ransomware side, to no one’s surprise, LockBit remains the most prolifically used form of ransomware, accounting for 428 attacks through the half year, ahead of Play on 175 and RansomHub on 169. LockBit is a ransomware-as-a-service provider that charges others to use its ransomware software.
Insider threats are also highlighted in the report, with Flashpoint observing 8,497 unique instances of insider recurring, advertising or general discussions involving insider-related threat activity across its chat collections. The vast majority of insider threat activity came from individuals advertising their services to malicious actors, particularly in the telecom industry, where employees solicit to perform SIM swaps for threat actors.
“The cyberthreat landscape is increasingly volatile and interconnected,” said Flashpoint Chief Executive Josh Lefkowitz. “Vulnerabilities and exploits are on the rise and threat actors are exploiting these weaknesses.”
Lefkowitz noted that Flashpoint sees the deployment of infostealers as the top trend spiking in 2024 thus far. “They have already infected over 13 million devices this year and stolen vast amounts of data, fueling a surge of ransomware attacks and data breaches at large,” he said. “Organizations need to prioritize infostealers accordingly and take proactive steps to defend their people and assets.”