APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-Days
2022-05-18 14:01

Most advanced persistent threat groups use known vulnerabilities in their attacks against organizations, suggesting that prioritizing faster patching is a more effective security strategy than chasing zero-day flaws, new research has found.

One belief the research debunked is that all APTs are highly sophisticated and prefer attacking zero-day flaws rather than ones that have already been patched.

Of the 86 APTs that researchers investigated, only eight (Stealth Falcon, APT17, Equation, Dragonfly, Elderwood, FIN8, DarkHydrus and Rancor) exploited vulnerabilities that others didn't, researchers found.

This finding argues for applying updates that fix known flaws in organizations' systems faster, rather than taking time to apply updates released for known vulnerabilities, which seems to be the trend right now.

Overall, researchers acknowledged that APTs present a unique challenge to organizations: it's difficult to predict if and when an attack will occur, so it's basically out of their control.

Organizations could perform "12 percent of all possible updates, restricting themselves only to versions that fix publicly known vulnerabilities" without significantly changing their odds of being compromised, researchers wrote.


News URL

https://threatpost.com/apts-overwhelmingly-share-known-vulnerabilities-rather-than-attack-o-days/179657/