While the infosec industry is used to reading (and pumping out) FUD about software vulnerabilities, eye-catching research suggests about 500 vulns were exploited in 2019 – despite 18,000 new CVEs being created. Kenna Security, a US infosec firm, reckons that despite thousands of vulnerabilities being assigned a Common Vulnerabilities and Exploitations (CVE) tracking number in the year, just 473 of those were actively being exploited in ways likely to impact enterprises.
Read full article on The Register