2019 is here - now what?

That’s a really tough question to answer, but NTT Security researchers sought to do just that in the latest GTIC Monthly Threat Report.

More specifically, NTT Security researchers analyzed 2018 hacking campaigns, vulnerabilities, and vulnerable applications to determine what may lie ahead in the coming year.

The findings, though fascinating, were not altogether surprising, with nation-state sponsored campaigns taking the lion’s share of the limelight, while popular applications (read the report to learn which application GTIC researchers determined to be the most vulnerable) and vulnerabilities kept security experts busy throughout the year.

Along those same lines, GTIC researchers analyzed 2018 MSSP data, once again discovering that patch management is a key element to securing a network environment. Vulnerabilities in Apache Struts, Drupal, and Microsoft IIS all took center stage throughout 2018, with attacks on Apache Struts vulnerabilities comprising 35% of all vulnerability attacks in December alone.

Additionally, TA505, an advanced persistent threat (APT) recently shifted its focus to targeting U.S. companies in the retail sector. At the onset, this may seem like just another piece of security news, but what is most interesting here is that this is the first time researchers have observed TA505 shifting their focus in this way.

Finally, GTIC researchers dived deep to determine the biggest vulnerability of the month – the one you simply must know about – and what you can do about it!

Read the full report here.