Today I will be introducing a new Community Feature:
Inside of the Vulnerability Focus, we will be talking about recent Threats or Vulnerabilities that have been discovered. Information that every Security Professional can use to help protect their networks.
This week I will be covering Scott Simkin's (from Unit 42) recent "2015 Verizon Data Breach Investigations Report (DBIR): Insights from Unit 42" blog.
Inside that blog, Scott talks about the results from the 2015 Verizon Data Breach Investigations Report (DBIR). Verizon's report includes several topics, including:
What effect does mobile malware have on data security?
How can you better estimate the financial impact of a data breach?
"The 2015 Verizon Data Breach Investigations Report (DBIR) represents the first time Palo Alto Networks has contributed data to this important publication, and we are proud to be part of an intelligence-sharing ecosystem that, in the end, raises the collective bar for everyone in the industry."
There are some interesting quotes from the report, here are a few:
“70 to 90% (depending on the source and organization) of malware samples are unique to a single organization.”
“In 70% of the attacks where we know the motive for the attack, there’s a secondary victim.”
“99.9% of the exploited vulnerabilities had been compromised more than a year after the associated CVE was published.”
"The most common methods observed in these types of attack are:
Watering hole attacks (also known as strategic web compromise), where an organization’s website is infected with exploit code to try and infect visitors to their site.
DDoS attacks, where web servers or other high-bandwidth hosts are compromised and used in an attack on another target."
I would recommend that you read the Unit 42 article first. Then visit Verizon's page for more info. (Links are below)