The latest Verizon Data Breach Investigations Report (DBIR) was released in May, and we’re still unpacking all the golden nuggets inside! This annual report ranks the most common ways organizations get breached, leading to the disclosure of information. It also reports on the most common types of incidents, which are events that compromise the integrity of data for a company.
As we combed through this year’s report, a similar but mounting theme arose: web application security. Over the past few years, web applications have become the biggest target for attacks, as they’re an easy way for hackers to gain access to valuable information. This year, that theme only continued to resonate.
Source: Verizon Data Breach Investigations Report
If you collect payments such as credit card data or deal with PHI data in the healthcare sector, web apps can be a gold mine for adversaries. So long as valuable data is held in the cloud, attackers will be at the ready, and this trend unfortunately isn’t going away anytime soon.
Source: Verizon Data Breach Investigations Report
As the figures above show, these include attacks against exploiting code-based vulnerabilities as well as attacks against authentication, such as hacking and stolen credentials. The report also reported that SQL injections and PHP injections are the most commonly exploited vulnerabilities, which makes sense considering these attacks are quick and easy ways of extracting profit from an exposed system.
Source: Verizon Data Breach Investigations Report
Additionally, the DBIR reported that web applications were the top attack patterns ..
Support the originator by clicking the read the rest link below.
