Recently, numerous Advanced Persistent Threat (APT) groups originating from various countries have been identified, carrying out a wide range of attacks, from spear phishing to exploits, against various entities: commercial, governmental and even military. Many of them exploit previously unknown zero-day vulnerabilities for which no patch is available; however, there are also many cases in which the patch is publicly known and perfectly accessible to the software administrator, yet it is still not applied to the vulnerable software. This phenomenon is analyzed in the presented work. The list of most commonly exploited vulnerabilities has been cross-referenced with commonly available reports of APT actors’ activity and checked against the raw data from a massively used vulnerability management solution. The authors postulate that APT groups successfully exploit the “long tail” of security vulnerabilities that remain unpatched for months and even years, despite the availability of a fix.