Cybersecurity loopholes are appearing in often overlooked endpoints, according to a Q3 report by the security company Trend Micro.
Routers and point-of-sales (PoS) systems are frequently exploited through such bugs by attackers, due to the equipment’s role in handling and storing data within corporate and home networks.
Raimund Genes, CTO at Trend Micro, said: "Our findings confirm that we are battling rapidly moving cybercriminals and evolving vulnerabilities simultaneously.
"With this fluidity, it’s time to embrace the fact that compromises will continue, and we shouldn’t be alarmed or surprised when they occur."
The US had more PoS malware than any other country studied in the report, which has been used to steal payment card data in so-called "mega breaches" against retailers like Target and Home Depot.
Cybercriminals are also using updated versions of popular malware to carry out attacks, and make use of banking trojans to target the bank accounts of victims.
Also covered in the report is Shellshock, a bug involving the Bash command line common to Mac, Linux and Unix operating systems, thought to be even more dangerous than the Heartbleed OpenSSL bug.
According to Trend Micro, the emergence of Shellshock after 20 years suggests other problems may plague legacy technology, and are just waiting to be discovered.
"Preparation is key and as an industry we must better educate organizations and consumers about heightened risks as attacks grow in volume and in sophistication," Genes added.
"Understanding that cybercriminals are finding vulnerabilities and potential loopholes in every device and platform possible will help us confront these challenges so technology can be used in a positive way."
