The 19th edition of the Verizon Data Breach Investigations Report analyzes data from 31,000 security events, including 22,000 confirmed breaches across more than 145 countries. The report theme focuses on maintaining a strong security foundation amid change. Software vulnerabilities surpassed stolen credentials as the primary way attackers gain access. Mobile devices became a preferred target. Ransomware accounted for 48% of breaches, while payouts decreased. Breaches often involved the human element, with social engineering appearing in 16% of breaches. Mobile-centric phishing produced higher click rates than email phishing. Many users used non-corporate AI accounts on corporate devices, and third-party involvement rose to 48% of breaches. AI bot traffic increased globally.
"Software vulnerabilities have surpassed stolen credentials (for the first time) as the predominant way attackers gain access. Mobile devices have become the new favorite target. 15 various attack techniques are being enhanced with generative AI."
"Nearly half of all breaches (48%) involve ransomware; however, payouts are decreasing. 31% of breaches begin with software vulnerabilities, making them the top way malicious actors gain access. A majority of breaches (62%) involved the human element, with social engineering being the third most frequent breach pattern at 16% of all breaches."
"Mobile-centric phishing sees 40% more successful "click" rates than email phishing attempts. 67% of users leverage non-corporate AI accounts ("Shadow AI") on corporate devices. Shadow AI is the third most frequent non-malicious insider data loss action."
"Third-party involvement in breaches increased by 60% from the previous year and reached nearly half (48%) of all breaches. Global traffic from AI bot crawlers and fetchers grew 21% month-over-month, with a 4% increase for fetchers and a 32% increase for crawlers."
Read at Securitymagazine
Unable to calculate read time
Collection
[
|
...
]