Recent research conducted by Bitdefender reveals a number of concerning cybersecurity trends. The fact that more than half of organisations have experienced a data breach in the past year is alarming, and the majority of those affected have been instructed to keep the data leak a secret, making it difficult to take the necessary precautions to prevent future breaches.
The recent trend of threat actors identifying vulnerabilities with PoC (Proof-of-Concept) targeting popular software (examples include Log4j, Microsoft Exchange, VMware ESXi, and the most recent vulnerability in MSMQ) and quickly weaponizing them may explain why vulnerability and zero-day exploits are viewed as the greatest threat by the majority of Bitdefender survey respondents.
This strategy permits attackers to exploit software vulnerabilities prior to the release of updates, putting organisations at risk of a data breach. Once a vulnerability has been weaponized, it can be swiftly distributed to other attackers, making it challenging for organisations to defend themselves.
Therefore, organisations must implement effective patch management processes to ensure that vulnerabilities are identified and patched as soon as feasible. In addition, robust detection and response capabilities can aid in identifying and mitigating attacks that circumvent conventional security measures.
If software vendors are held accountable for security vulnerabilities in their products, it could lead to a stronger focus on security during the development process. This could result in better-quality software with fewer vulnerabilities and a more secure overall environment for users.
Ransomware Report
Oftentimes, spear phishing is the initial attack vector, and ransomware infection is the concluding step in the kill chain. For this report, we examined malware detections accumulated by our static anti-malware engines in March 2023. Nota bene: we only measure the total number of infections, not their monetary impact. Since they value quantity over quality, opportunistic adversaries and some Ransomware-as-a-Service (RaaS) groups represent a greater proportion than groups that are more selective in their target selection.
Bitdefender provides hundreds of millions of endpoints worldwide with cybersecurity solutions and advanced threat protection. Over 150 technology companies have licenced and integrated Bitdefender technology into their products and services. This extensive OEM ecosystem supplements the telemetry data already collected by our enterprise and consumer solutions. Bitdefender Labs discover 400+ new threats per minute and validate 30 billion threat queries per day to provide a sense of scope. This provides one of the most comprehensive real-time views of the evolving threat landscape in the industry.