The company delves into the threats to offer defenders a better understanding of what constituted dangerous vulnerabilities in 2020, says Caitlin Condon, manager of software engineering at Rapid7. There was a pervasive feeling in the information-security community, especially among defenders, that the sky was falling nearly all the time, she says. It is often very difficult for the people in charge of security to look at all the research materials and all the artifacts at all the information about a vulnerability and determine why a vulnerability may matter or not matter for their risk model.
In the report, Rapid7 breaks down the threats into flaws exploited indiscriminately in widespread attacks (28%), security issues often, zero-day vulnerabilities used in targeted attacks (32%), and vulnerabilities the company considers to be impending threats (40%).
Threat actors bypassing shoddy patching, targeting network gateways
Pictured: Rapid7 headquarters in Boston.
A new report from Rapid7 examining the 2020 vulnerability landscape finds that criminal and nation-state hackers are increasingly relying on attacks that target gateways to corporate networks and finding alternative ways to exploit patched flaws.
The report found that the volume of published vulnerabilities has increased âsignificantlyâ over the past five years, with 18,362 reported in 2020 alone. It also examined dozens of critical or high-impact vulnerabilities discovered throughout the past year, some of which have been turned into well-known exploits and others that are sitting quietly in the background, waiting to be weaponized for widespread use by the right hacking group or ransomware operator.
Streamlining permitting paves way for advanced reactor innovation
DOE/Pacific Northwest National Laboratory
By Kelsey Adkisson, PNNL
Whether it is electric cars or coffeemakers, the electrons in the electric must come from somewhere. Roughly 20% of U.S. energy comes from nuclear power. This number is expected to rise to meet carbon-free power demands, particularly in fossil-fuel-dependent areas where alternatives like hydropower, wind, or solar aren t an option or need a boost because they tend to be intermittent.
Companies are developing smaller and safer reactor technology to meet rising energy demands. Long before an excavator breaks ground to construct a new nuclear reactor, however, there s a multi-million-dollar licensing process to evaluate new designs. This process can take nearly half a decade to navigate.