Verizon Breach Report: Vulnerability Hacks Tripled in 2023
BankInfoSecurity
|
Contributed by: Drex DeFord
Summary
The 17th annual 2024 Data Breach Investigations Report from Verizon underscores a significant increase in the exploitation of vulnerabilities, with occurrences tripling primarily through ransomware targeting zero-day vulnerabilities. The report, led by Alex Pinto from the Verizon Threat Research Advisory Center, points out the MOVEit vulnerability as a prime example of this trend and highlights a concerning disparity between the speed of exploitation and the pace of patching efforts by organizations. Pinto emphasizes the critical need for better vulnerability management, especially for perimeter and external-facing vulnerabilities, and the role of vendor management in improving security outcomes. Additionally, he touches upon the challenges posed by third-party and supply chain vulnerabilities, the evolving nature of ransomware and extortion attacks, and the vital importance of security training and awareness programs to mitigate human errors.
