A recent study shows that exploit kit writers turn away from Java and focus their full attention on Adobe Flash.
According to the study made by NTT Group, the top 10 vulnerabilities targeted by exploit kits during the past year are related to Adobe Flash. Unlike the top 10 vulnerabilities targeted by the exploit kits in 2013, which included one Flash and eight Java vulnerabilities.
The reason for the switch-up is easy to guess. Since 2013, Java vulnerabilities have dropped steadily. While at the same time, the number of publicized Flash vulnerabilities increased by 312% (four-fold) over 2014 levels.
The above-mentioned figures were revealed by the latest edition of NTT Group’s global threat intelligence report on Tuesday. In addition, the report features an expanded view of the threat landscape with input from NTT’s key partners – Lockheed Martin, Wapack Labs, Recorded Future and the Center for Internet Security.
The report analyzes threats and trends from the previous year, gathering information from 24 security operations centers, seven R&D centers, 3.5 trillion logs, 6.2 billion attacks and about 8,000 security clients across six continents.
Almost 21% of vulnerabilities detected in client networks were more than three years old. The results included vulnerabilities from 1999, making them more than 16 years old.
The spear phishing attacks totaled approximately 17% of the incident response activities supported during the past year.
According to NTT Group, an 18% rise in malware has been registered for every industry apart from education.
“NTT clients from the education sector tended to focus less on the more volatile student and guest networks, but malware for almost every other sector increased,” a spokesman from NTT Group’s Solutionary managed security service business stated.