Related Links

Rapid7, Inc., a provider of security analytics and automation announced the release of its latest Vulnerability Intelligence Report examining the 50 most notable security vulnerabilities and high-impact cyber attacks in 2021.

On any given day, security professionals must prioritise and address viable threats from an overwhelming number of reported vulnerabilities.

Understanding security threats

Rapid7 researchers analyse thousands of vulnerabilities each year to understand root causes, dispel misconceptions, and share information on why certain flaws are more likely to be exploited than others. From this research, the team creates a report of the highest priority CVEs based on their likelihood of widespread exploitation.

We research and publish this report to contextualise the vulnerabilities that introduce serious risk to a wide range of organisations,” said vulnerability research manager and lead Vulnerability Intelligence Report author, Caitlin Condon. “Our goal is to highlight exploitation trends, explore attacker use cases, and offer a framework for understanding new security threats as they arise.”

Highlights of the Vulnerability Intelligence Report

The report highlights 50 vulnerabilities from 2021 that posed a considerable risk to businesses of all sizes

The Rapid7 2021 Vulnerability Intelligence Report highlights 50 vulnerabilities from 2021 that posed a considerable risk to businesses of all sizes. Of those 50 vulnerabilities, 43 were exploited in the wild. Furthermore, vulnerabilities classified as “widespread threats” for the scale at which they were exploited increased 136% over the previous year.

Key findings from the research report include:

  • Broad, opportunistic exploitation increased significantly in 2021. 66% of vulnerabilities in this report were classified as widespread threats, compared to only 28% in 2020.
  • More than 60% of widespread threats cited in this report have been used in ransomware operations, and more than half of widespread threats began with a zero-day exploit.
  • More than half (52%) of the known exploited vulnerabilities in this report came under attack within one week of public disclosure, and the average time to known exploitation decreased from 42 days in 2020 to just 12 days in 2021.

In years past, vulnerabilities and hacking incidents led to fewer widespread attacks,” added Condon. "The recent increase in ransomware, coin mining, and other widespread attacks means the probability of an 'average business' being targeted has correspondingly increased.”

Download PDF version Download PDF version

Related videos

Upgraded feature for Xesar - Now with smartphone as well!

Upgraded feature for Xesar - Now with smartphone as well!
Enhancing government security with proactive threat detection from Wavestore

Enhancing government security with proactive threat detection from Wavestore
Join the biggest hour for Earth

Join the biggest hour for Earth

In case you missed it

What's new in technology serving the transportation market?
What's new in technology serving the transportation market?

Transportation enables the movement of goods and people, facilitates trade and commerce, and is crucial for businesses to operate and expand. Security technology plays a major role...

What is the expanding role of audio in today's physical security systems?
What is the expanding role of audio in today's physical security systems?

Audio might detect sounds like breaking glass or footsteps before a person even enters the field-of-view of a video camera. Audio also helps to provide context: Someone running in...

Marin Hospital enhances security with eCLIQ access control
Marin Hospital enhances security with eCLIQ access control

The Marin Hospital of Hendaye in the French Basque Country faced common challenges posed by mechanical access control. Challenges faced Relying on mechanical lock-and-key technol...

Featured white papers
Access control system planning phase 2

Access control system planning phase 2

Download
Honeywell GARD USB threat report 2024

Honeywell GARD USB threat report 2024

Download
The role of artificial intelligence to transform video imaging

The role of artificial intelligence to transform video imaging

Download
DNAKE Cloud Intercom: Dive into V1.5.1 Updates

DNAKE Cloud Intercom: Dive into V1.5.1 Updates

Download
Video surveillance

Video surveillance

Download
Quick poll
Which feature is most important in a video surveillance system?
More corporate news
DigiCert names Software Industry Veteran Christophe Bodin as Chief Revenue Officer

DigiCert names Software Industry Veteran Christophe Bodin as Chief Revenue Officer
The VPS Group suggests people to deploy extra security measure to avoid criminal activities during holidays

The VPS Group suggests people to deploy extra security measure to avoid criminal activities during holidays
Leonardo with ELIS to combat the phenomenon of early school leavers

Leonardo with ELIS to combat the phenomenon of early school leavers
Featured products
Dahua Eyeball Network Camera with Advanced Detection

Dahua Eyeball Network Camera with Advanced Detection
Anviz AI-driven Fisheye Dome Network Camera

Anviz AI-driven Fisheye Dome Network Camera
Honeywell SMX: Cybersecurity for Operational Environments

Honeywell SMX: Cybersecurity for Operational Environments