Annual review regarding vulnerabilities and attacks for 2022
Date : February 15, 2023
The aim of this review is to highlight the general tendencies and threat evolution to help the community to enhance their protections.
This document is available:
- In English: Annual Report on Attacks and Vulnerabilities in 2022
- In French: Bilan Cert-IST 2022 des failles et attaques
In this report, Cert-IST analyses the most significant trends for 2022:
- The main vulnerabilities
- Infostealer malware dominates 2022 news
- A year of stabilisation for ransomware?
- RU-UA war redefines the role of cyber in conflict
- SCADA threat increases with PIPEDREAM malware
- Supply Chain attacks target outsourced operations too
- The rise of Hackers-for-hire and offensive products for states
- Other phenomena observed :
- Attacks on MFAs
- BruteRatel and new offensive tools
- Windows: Bring Your Own Vulnerable Driver
- Fewer Exploits published before the attacks
Image generated with https://worditout.com/
