Brute-forcing passwords, as well as the exploit of ProxyLogon vulnerabilities against Microsoft Exchange Server, were among the most popular attack vectors last year.
According to ESET’s Q3 Threat Report, covering September to December 2021, while the rates of supply chain attacks rose over 2020, 2021 was defined by the continual discoveries of zero-day vulnerabilities powerful enough to wreak havoc on enterprise systems.
The discovery of zero-day flaws in Exchange Server and Microsoft’s emergency patches to resolve the on-premise issues continued to haunt IT administrators well into the year.
Brute-force and automated password guessing, such as through dictionary-based attacks, were the most frequent attack vectors detected according to ESET telemetry. Attacks against remote desktop protocol (RDP) increased by 274% during the four-month period.
“The average number of unique clients that reported at least one such attack per day shrank by 5% from 161,000 in T2 2021 to 153,000 in T3 2021,” the report says. “In other words, the intensity of RDP password-guessing attacks is growing rapidly yet the pool of potential victims is becoming smaller.”
Public-facing SQL servers and SMB services also saw an uptick in credential-based attacks.
Exchange Server’s ProxyLogon bugs secured the second spot, however, when it came to popular attack