23. January 2022

This article has been indexed from

CySecurity News – Latest Information Security and Hacking Incidents

According to Tenable’s analysis of 1,825, breach data incidents publicized between November 2020 and October 2021, at least 40,417,167,937 records were exposed globally in 2021. This is risen from 730 publicly announced incidents with just over 22 billion data exposed over the same period in 2020. 

Organizations can efficiently prioritize security operations to stop attack paths and protect key systems and assets by studying threat actor behavior. Many of the events investigated for this research can be easily mitigated by fixing legacy flaws and fixing misconfigurations, which can help limit attack routes. 

In 2021, ransomware had a huge impact on businesses, accounting for about a 38% of all data breaches.  and unsecured cloud databases were responsible for 6% of all breaches. SSL VPNs that haven’t been patched remain an ideal entry point for cyberespionage, exfiltrating sensitive and proprietary data, and encrypting networks. 

Threat groups, particularly ransomware, have been progressively exploiting Active Directory flaws and misconfigurations. When security controls and code audits are not in place, software libraries and network stacks that are frequently utilized among OT devices might create additional threats. 

Cyberespionage operations used the software supply chain to acquire sensitive data, whereas ransomware groups preferred physical supply chain disruption as a technique to extract payment. Dat

[…]

Content was cut in order to protect the source.Please visit the source for the rest of the article.

Read the original article: