Virtualization Technology News and Information
Coalition's Cyber Threat Index 2024 Predicts Total Published CVEs to Increase by 25% in 2024
Coalition published its Cyber Threat Index 2024, detailing insights on cybersecurity trends from 2023 and emerging threats businesses should be aware of in 2024. According to the report, Coalition expects the total number of common vulnerabilities and exposures (CVEs) to increase by 25% in 2024 to 34,888 vulnerabilities, or roughly 2,900 per month.

"New vulnerabilities are published at a rapid rate and growing. With an influx of new vulnerabilities, often sprouting via disparate flagging systems, the cyber risk ecosystem is hard to track. Most organizations are experiencing alert fatigue and confusion about what to patch first to limit their overall exposure and risk," commented Coalition's Head of Research, Tiago Henriques. "In today's cybersecurity climate, organizations can't be expected to manage all of the vulnerabilities on their own; they need someone to manage these security concerns and help them prioritize remediation. We share these insights, as well as our Coalition Exploit Scoring System, in the hopes that it will make the complicated cyber ecosystem a little more manageable for companies of all sizes."

Other key findings from the report include:

  • Unique IP addresses scanning for Remote Desktop Protocol (RDP) increased by 59%. This is particularly concerning because Coalition data also reveals that businesses with RDP exposed to the internet are the most likely to experience a ransomware event.
  • Scans found that around 10,000 businesses are running the end-of-life (EOL) database Microsoft SQL Server 2000, and over 100,000 businesses are running EOL Microsoft SQL servers.
  • Honeypot (sensor) activity spiked by 1,000% 16 days before Progress Software issued its MOVEit security advisory.

Coalition's honeypots monitor for spikes to identify the biggest CVEs before they make news headlines - thus providing companies with the opportunity to take action before an incident can occur. These large-scale cyber events, like MOVEit or Citrix Bleed, could have been contained if businesses had dedicated managed detection and response (MDR) solutions in place.

"Coalition has first-hand experience demonstrating that MDR can reduce attack response time by 50% or more - a massive impact to help protect businesses from cyber threats," said John Roberts, General Manager, Security, at Coalition. "We're at the point where just setting and forgetting a technology solution is not enough anymore, and experts need to be involved in vulnerability and risk management. With MDR, after technology detects suspicious activity, human experts can intervene in numerous ways, including isolating impacted machines or revoking privileges. Coalition has experience doing exactly this to stop cyber criminals mid-attack."

Coalition is on a mission to protect the unprotected: Improving security defenses and outcomes for policyholders and non-policyholders to bolster resilience and reduce cyber risk worldwide. Coalition leverages its unique insights as an insurance provider to educate the market about what security concerns contribute to losses and shares these insights with others to spread awareness about these risks and provide ways for organizations, policyholders or not, to remediate them.

To read Coalition's full findings and download the complete report, visit:

Published Wednesday, February 21, 2024 8:34 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2024>