Vulnerability Management Challenges and Market Shifts
Summary
The vulnerability management market faces significant challenges due to an increasing number of vulnerabilities and a shift to cloud environments. The current approach of identifying vulnerabilities without addressing risks has led to alert fatigue and ineffective security measures. Network edge devices are increasingly targeted, with a notable rise in exploits from 2023 to 2024. The industry is shifting towards integrated risk management solutions, focusing on cloud and network device security to address these issues. Vendors have historically focused on identifying vulnerabilities rather than mitigating risks, leading to inefficiencies. The transition to cloud environments offers tighter control but introduces new complexities, especially with heterogeneous network devices. Threat actors are exploiting these vulnerabilities to bypass network defenses, highlighting the need for urgent and automated remediation solutions.
Timeline
- 08.09.2025 17:00, 1 article
Vulnerability Management Market Challenges and Shifts
The vulnerability management market is facing significant challenges due to an increasing number of vulnerabilities and a shift towards cloud environments. Current practices prioritize identification over risk mitigation, leading to alert fatigue and ineffective security measures. Network edge devices are increasingly targeted, with a notable rise in exploits from 2023 to 2024. The industry is shifting towards integrated risk management solutions, focusing on cloud and network device security to address these issues.
Sources:
- The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
Information Snippets
- The vulnerability management market is struggling due to an increasing number of vulnerabilities and a shift towards cloud environments.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
- Current vulnerability management practices often prioritize identification over risk mitigation, leading to alert fatigue.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
- Network edge devices are increasingly targeted by threat actors, with a significant rise in exploits from 2023 to 2024.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
- Three of the four most-exploited vulnerabilities in 2024 were zero-days affecting edge devices.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
- Only 54% of network device vulnerabilities were fully remediated in 2024, taking a median of 32 days.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
- The average time to exploit vulnerabilities has dropped to five days, outpacing remediation times.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
- The industry is shifting towards integrated risk management solutions, focusing on cloud and network device security.
  First reported: 08.09.2025 17:00 (1 source, 1 article)
  Source: The Critical Failure in Vulnerability Management, www.darkreading.com, 08.09.2025 17:00
Similar Happenings
Fourth Spyware Campaign Targeting French Apple Users in 2025
Apple has notified French users of a fourth spyware campaign in 2025. The Computer Emergency Response Team of France (CERT-FR) confirmed the alerts on September 3, 2025. The campaign targets individuals based on their status or function, including journalists, lawyers, activists, politicians, and senior officials. The alerts are part of a series of notifications sent throughout the year, with previous alerts on March 5, April 29, and June 25. These alerts indicate that at least one device linked to the users' iCloud accounts may have been compromised in highly-targeted attacks. The campaign follows a previous incident involving a security flaw in WhatsApp (CVE-2025-55177) and an Apple iOS bug (CVE-2025-43300), which were used in zero-click attacks. Apple has been sending these notifications since November 2021. Apple introduced Memory Integrity Enforcement (MIE) in the latest iPhone models to combat memory corruption vulnerabilities.
Akira Ransomware Group Exploits SonicWall SSL VPN Flaws
The Akira ransomware group has been actively exploiting SonicWall SSL VPN flaws and misconfigurations to gain initial access to networks. This campaign has seen increased activity since late July 2025, targeting SonicWall devices to facilitate ransomware operations. The group leverages a combination of security vulnerabilities, including a year-old flaw (CVE-2024-40766) and misconfigured LDAP settings, to bypass access controls and infiltrate networks. Organizations are advised to rotate passwords, remove unused accounts, enable multi-factor authentication, and restrict access to the Virtual Office Portal to mitigate risks. The Australian Cyber Security Centre (ACSC) has acknowledged Akira's targeting of SonicWall SSL VPNs and issued alerts about the increased exploitation of CVE-2024-40766.
Microsoft September 2025 Patch Tuesday fixes 81 vulnerabilities, including two zero-days
Microsoft released updates for 80 vulnerabilities on September 2025 Patch Tuesday. None of these vulnerabilities were zero-days. The updates address eight critical flaws, including five remote code execution vulnerabilities, one information disclosure, and two elevation of privilege vulnerabilities. The vulnerabilities span various categories: 38 elevation of privilege, 2 security feature bypass, 22 remote code execution, 14 information disclosure, 3 denial of service, and 1 spoofing. One zero-day vulnerability was fixed in Windows SMB Server. The updates also include hardening features for SMB Server to mitigate relay attacks, with recommendations for administrators to enable auditing. The patch includes 38 elevation of privilege vulnerabilities, the highest number among all categories. CVE-2025-54918 is an EoP vulnerability in Windows NT LAN Manager (NTLM) marked as critical. CVE-2025-54111 and CVE-2025-54913 are EoP flaws in Windows UI XAML, allowing privilege escalation via phished credentials or malicious Microsoft Store apps. CVE-2025-55232 is an RCE vulnerability in the Microsoft High Performance Compute (HPC) Pack with a CVSS score of 9.8. CVE-2025-54916 is an RCE vulnerability in Windows NTFS that can be triggered by authenticated users. Microsoft's patch update includes recommendations for preparing for the end-of-life of Windows 10 and mandatory multifactor authentication (MFA) for Azure in October 2025.
Apple patches Image I/O zero-day exploited in targeted attacks
Apple has released emergency updates to fix a zero-day vulnerability (CVE-2025-43300) in the Image I/O framework. The flaw, an out-of-bounds write issue, was exploited in "extremely sophisticated" targeted attacks against specific individuals. The vulnerability affects multiple iOS, iPadOS, and macOS versions and devices. Apple has not attributed the discovery to a specific researcher or provided details about the attacks. Attackers can trigger the flaw by supplying malicious input, potentially leading to remote code execution. Affected devices include various iPhone, iPad, and Mac models running specific versions of iOS, iPadOS, and macOS. The flaw was discovered internally by Apple and addressed with improved bounds checking. The vulnerability has been exploited as part of highly targeted attacks. Users are advised to install the updates promptly to mitigate potential ongoing attacks. CERT-FR has reported at least four instances of Apple threat notifications alerting users about mercenary spyware attacks since the beginning of the year. The attacks target individuals based on their status or function, including journalists, lawyers, activists, politicians, and senior officials. Apple has sent threat notifications to users in over 150 countries since 2021. Apple has backported fixes for the vulnerability to older versions of iOS, iPadOS, and macOS, including iOS 16.7.12, iPadOS 16.7.12, iOS 15.8.5, and iPadOS 15.8.5. The updates also address multiple other security flaws in various Apple products. The flaw was chained with a WhatsApp zero-click vulnerability (CVE-2025-55177) in targeted attacks. The attacks were described as "extremely sophisticated" by Apple and WhatsApp. Samsung also patched a remote code execution vulnerability chained with the CVE-2025-55177 WhatsApp flaw in zero-day attacks targeting its Android devices.