HP: Fewer security vulnerabilities reported, but risk escalating

Cyber security threats are becoming more dangerous partially because they're now harder to predict, as seen with hacktivist group attacks from the likes of Anonymous and Lulz Security.

Fewer security vulnerabilities have been reported on an annual basis since 2006, but that doesn't mean the threats are getting any less severe, according to Hewlett-Packard.

Published on Thursday, HP's 2011 Top Cyber Security Risks Report tackles what kinds of security threats are growing and the possible ramifications if/when they get out of control.

Although the disclosure of new vulnerabilities in commercial applications dropped by nearly 20 percent in 2011 from the previous year, nearly a quarter of all new vulnerabilities disclosed in commercial applications in 2011 were rated as quite severe.

In fact, HP found that approximately 36 percent of all vulnerabilities are in commercial web applications.

One of the most popular cyber attack methods in 2011 was using web exploit toolkits, which reportedly saw higher success rates.

HP researchers explained in the report, "these 'packaged' attack frameworks are traded or sold online, enabling hackers to access enterprise IT systems and steal sensitive data."

Cyber security threats are becoming more dangerous partially because they're now harder to predict, as seen with hacktivist group attacks from the likes of Anonymous and Lulz Security.

Thus, with unpredictable motivations, these targeted attacks are then harder to combat -- whether it be proactively or reactively.

Related: