Threat Intelligence Times

A new report by Recorded Future, a leader in threat intelligence, finds that cyber exploits can be anticipated with a high degree of accuracy using open vulnerability data. The report, released yesterday, details the use of machine learning and data mining to find correlations in vulnerability data, which enabled the company’s analysts to determine the types of vulnerabilities most likely to be exploited.

By combining data from the National Vulnerability Database with Common Vulnerability Scoring System (CVSS) and Common Weakness Enumeration (CWE) numbers, Recorded Future were able to produce a mathematical model which could be used with machine learning algorithms. The team has rigorously tested their model, examining the impact of each feature (e.g. severity score, access vector, etc.) and benchmarking multiple ML algorithms, ultimately arriving at an anticipation accuracy of 83%.

The report also found that hackers are increasingly likely to target Content Management Systems (CMS), most likely due…

View original post 25 more words