Threats have increased exponentially with no signs of slowing down. We witnessed millions of active exploitation attempts in 2021 for Log4Shell alone, and the number of detections is still climbing. Furthermore, threat actors are now using automation and as-a-service offerings, sophisticated tools and evasive tactics to bypass the security defenses many organizations have in place today. Using these tools and approaches, often offshoots of popular Red Team tools, adversaries have improved the speed and success rate of attacks.
In this report by our Unit 42 Threat Intelligence Team, we provide insight into newly reported network vulnerabilities in 2021 as well as emerging advanced threats observed in the wild. The data collected provides critical insights that will help us understand how the network threat landscape will evolve over the coming year so that we can better defend our networks. We also provide security recommendations for organizations to protect themselves and reduce risk. By reading this report, we hope organizations will be able to improve their security posture and better defend against persistent threats, thereby mitigating risk, lowering response times, and maximizing security investments.