CVE exploitation nearly tripled in 2023, Verizon finds

May 2, 2024Source: Cybersecurity Dive

Found this useful? Share it with your network

In 2023, the exploitation of software vulnerabilities nearly tripled as an initial access vector for cyber breaches, accentuated by incidents like the MOVEit breach, according to Verizon's Data Breach Investigations Report. Ransomware attacks increasingly leveraged zero-day vulnerabilities, with a third of all breaches involving extortion, notably via Clop ransomware's exploitation of MOVEit. The report further indicated a 68% increase in breaches involving third parties, underscoring the growing vulnerabilities within software and supply chains. The findings emphasize the urgent need for enterprises to improve software vulnerability remediation, which takes an average of 55 days for half of critical vulnerabilities, and enhance cybersecurity education among workers. The report, analyzing a record 30,458 security incidents and 10,626 confirmed breaches, highlighted the significant role of human error and social engineering in breaches, demonstrating the critical need for comprehensive cybersecurity strategies that include both technological and human elements.

Read Full Article

Opens on Cybersecurity Dive

More News

AMA Asking For Stronger Safeguards on AI Mental Health Chatbots

April 29, 2026MobiHealthNews

Andrea Daugherty Appointed Chief Information and Digital Transformation Officer at ARMC

April 24, 2026arrowheadregional.org

Craig Richardville Appointed Chief Digital and Information Officer at UF Health

April 13, 2026ufhealth.org

Former AMA Exec Margaret Lozovatsky Named CDIO At Premier Health

April 10, 2026premierhealth.com

Signature Healthcare Diverts Ambulances Following Cybersecurity Incident

April 8, 2026SecurityWeek

More Than 100 Hospitals Suing HHS Over Alleged Underpayment

April 6, 2026MedCity News