- Flashpoint report claims over 80% of exploited flaws are n-days, not zero-days
- Average time to exploit dropped from 745 days (2018) to just 44 days (2025)
- Attackers focus on firewalls, VPNs, and edge devices; China most active in exploitation campaigns
While zero-day vulnerabilities may sound ominous, it is n-day ones which are driving most cyberattacks, experts have warned.
Security researchers Flashpoint unveiled new research based on entries in CISA’s KEV, as well as in-house data about the average Time to Exploit (TTE).
As per the analysis, more than 80% of all exploited vulnerabilities tracked over the past four years were not zero-days (newly discovered flaws without a patch), but rather n-days ones (those who were known for longer, and have already been mitigated with a patch or a workaround).
Firewalls and VPNs first targets
This might sound counter-intuitive, since patched vulnerabilities can be easily fixed by, well, deploying the patch. However, six years ago, the average Time to Exploit (the gap between public disclosure and observed exploitation) was 745 days, meaning defenders had a two-year grace period to patch, before expecting an attack.
Last year, TTE was down to 44 days. That means that cybercriminals are actively monitoring news of newly patched vulnerabilities and are acting fast to exploit them. It is easier to lean onto an already known vulnerability, rather than hunt for one themselves, and if the victims aren’t diligent with patching, they become low-hanging fruit.
Of all the different hardware and software, they can target, miscreants are primarily interested in security and perimeter technologies, such as firewalls, VPN gateways, and edge devices. They are every attacker’s first choice because they must remain internet-facing, and as such are a logical first step.
Nation-state activity “remains prominent”, Flashpoint added, stressing that China was identified as the most active vendor in vulnerability exploitation campaigns.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!
And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.
https://cdn.mos.cms.futurecdn.net/oyKgE5jTrnx6fQA6dwPuCj-2560-80.jpg
Source link
