Virtualization Technology News and Information
Scary Security Stats: Roundup from 2024 Research


Each year, cybersecurity companies publish a number of research reports focusing on different aspects of cybersecurity and breach trends.  Below is a list of some of the most alarming statistics from several reports published throughout the year from various companies.

++

Bitdefender researchers found that 40% of Halloween-themed spam is malicious, and they urge the public to be on alert because Halloween marks the start of the holiday scam season for cybercriminals. Bitdefender researchers expect online shopping scams to continue to increase through December.

Additional key findings include:

  • Halloween-themed spam rose 18% between Oct. 1-16, compared to the entire month of September.
  • 71% of the spam is hitting U.S. inboxes followed by Germany (9%) and the UK (5%).
  • Walmart, Costco, Aldi, and other major brands are being used as lures.

++

A recent survey from Extreme Networks found that security is an ongoing challenge for CIOs and senior IT leaders.

  • 58% of respondents said managing and securing new devices being added to the network was one of their top three complexities.
  • 57% ranked protecting the network against potential threats as one of their top three challenges.
  • 40% cite keeping data secure as their biggest concern with AI.

++

Earlier this year, Zerto partnered with IDC to conduct a ransomware and disaster preparedness survey. The report highlights the significant challenges faced by organizations relying solely on backup for disaster recovery.

A few of the scary survey findings include:

  • Backup-related issues are the number one cause of data loss, responsible for 32% of incidents.
  • Organizations reported an average of 4.2 data disruptions per year requiring an IT response, including one ransomware attack and one internal attack per year on average.
  • 48% of organizations that paid a ransom did so despite having valid backups, with the most common reasons being a desire for a speedier recovery or minimized data loss.
  • Only 20% of ransom-payers were able to fully recover their data after payment, creating a "worst of both worlds" situation.

++

Deepfakes are now a major cybersecurity threat, with 36% of IT and security leaders witnessing these attacks first-hand, according to Keeper Security’s global 2024 Insight Report. A staggering 95% of respondents reported that cyber attacks are becoming more sophisticated, and many feel unprepared to combat threats like deepfake technology (30%) and AI-powered attacks (35%). As cybercriminals leverage AI to rapidly scale and refine their tactics, the tools in their arsenals are growing more frightening and destructive.
 
Here are some more scary stats to consider:
 
Source: 2024 Keeper Security Insight Report, The Future of Defense: IT Leaders Brace for Unprecedented Cyber Threats. Findings are based on a survey of more than 800 IT and security leaders around the globe.

  • 92% of respondents reveal they've seen an increase in cyber attacks year-over-year
  • 95% of IT leaders say that cyber attacks are more sophisticated than ever – and they are unprepared for this new wave of threat vectors
  • 51% of security leaders identify AI-powered attacks as the most serious threat facing their organizations
  • 84% of respondents said that phishing and smishing have become more difficult to detect with the rise in popularity of AI-powered tools
  • 73% of respondents report experiencing a cyber attack that resulted in monetary loss
  • 52% of survey respondents shared that their company's IT team struggles with frequently stolen passwords, underscoring the importance of creating and safely storing strong, unique passwords for every account.

++

Imperva's Threat Research Team released findings that offer an inside look at a surge in AI-driven attacks targeting retailers ahead of the holiday season.  Imperva found that retail sites are experiencing 569,884 AI-driven attacks daily on average and, with peak shopping season around the corner, these attacks will only continue to increase. Here are a few scary stats:

  • On Black Friday alone, the number of account takeover (ATO) attacks spiked by 85%, compared to a 66% increase on Black Friday 2022
  • 82% rise in malicious login requests between October and November 
  • The retail industry suffers from some of the most persistent bot problems, with a high ratio of advanced bad bot traffic at 58% 
  • Evasive Bad Bots make up 70% of all bad bot traffic to retail websites vs. 51% on other websites 

++

Object First recently released research revealing the impact of ransomware attacks on organizations' data.

  • 93% agree immutable, zero trust backup storage is a must-have in today's threat landscape 
  • 44% say it has taken one or more months to recover backup data
  • Outdated backup technology (34%), lack of backup data encryption (31%), and failed data backups (28%) are the top vulnerabilities to attacks
  • 84% say they need better backup security to meet regulations and compliance obligations

++

According to Orca’s recent State of AI Security Report, 56% of companies are using AI to build custom applications with broad exposure to API keys, excessive access permissions, and misconfigurations. This statistic is particularly alarming as it highlights a systemic issue in how the majority of organizations are approaching AI without regard for security. This widespread neglect underscores the urgent need for organizations to prioritize robust security measures in their AI initiatives to safeguard against the cascading effects of an increased attack surface.

Orca's report also found that years after the discovery of Log4Shell, 59% of all organizations have vulnerable assets and 0.6% of all public-facing assets are vulnerable. Many of these workloads have been deployed since 2021's discovery of the very exploitable vulnerability, showing that even the worst vulns continue to slip through into production.

++

A recent Traceable AI study engaged over 150 cybersecurity professionals across the U.S., diving into the growing concern of security breaches against the backbone of modern financial services and APIs. 

A few of the key survey findings include:

  • Detecting and preventing unauthorized access to accounts (35%), sensitive data exfiltration (33%), and identifying API vulnerabilities (30%) are the top concerns for financial organizations.
  • 82% of financial organizations express moderate to extreme concern about complying with federal financial regulations (FFIEC, OCC, CFPB) in relation to their API inventory and security posture.
  • Data loss and brand reputation damage (both 41%) are the top consequences of API-related breaches, followed by financial loss (36%) and customer attrition (35%).

++

The 2024 Specops Breached Password Report found that even the strongest passwords can become compromised through password reuse and data breaches, which is why scanning your environment for breached passwords matters.

  • 123456 was the most common compromised password found in KrakenLab's new list of breached cloud application credentials
  • 31.1 million analyzed breached passwords were over 16 characters in length - showing longer passwords aren't safe from being breached
  • Only 50% of organizations scan for compromised passwords more than once a month

++

Protegrity's The State of Data Security Optimization and Monetization report findings show that the cost and complexity of data compliance is hampering business innovation:

  • Only 2% of organizations can access sensitive data in less than a week. 
  • 69% of organizations are waiting over a month to access data, sometimes between 3-6 months.
  • Nearly half (49%) of respondents are planning to invest up to 15% of their IT budgets on data security.
  • While 84% of respondents stated they are either fully or somewhat prepared to meet PCI compliance requirements, 2% of respondents admitted to being completely unprepared, 14% said they are somewhat unprepared and 46% of respondents were only somewhat prepared.

++

VulnCheck published its State of Exploitation - A Peek into 1H-2024 Vulnerability Exploitation report.

The research revealed that over half (58%) of CVEs confirmed as exploited in the wild for the first time were weaponized before exploitation was disclosed. The study also found that CISA added only 18% of vulnerabilities with known evidence of exploitation to its KEV catalog during the first half of 2024.

Key findings include:

  • VulnCheck sourced evidence of 390 vulnerabilities that were identified for the first time as being exploited in the wild in 1H 2024, approximately 432% more than those captured by CISA KEV in the same time period
  • The most at-risk product categories for newly exploited vulnerabilities include Network Edge Devices, CMS, Open Source Software, Server Software, and Operating Systems
  • 53 zero-day vulnerabilities, with exploitation evidence available at or before the public disclosure of the vulnerabilities (accounting for 13.6% of the KEVs added to the VulnCheck KEV catalog)
  • 70% of vulnerabilities had one or more POC available prior to exploitation disclosure

++

Halcyon published its Ransomware and Data Extortion Business Risk Report, revealing the significant impact on businesses from ransomware attacks and data exfiltration over the past 24 months. The report found that 66% of organizations infected by ransomware were infected at least twice, and 18% of organizations were infected 10 or more times. 

Key findings include:

  • Nearly two-thirds (60%) of respondents said that sensitive or regulated data was exfiltrated from their organization
  • More than half (55%) reported that the attackers issued an additional ransom demand to protect the exfiltrated data
  • 62% of organizations hit by ransomware reported a major disruption in operations, with 38% saying operations were disrupted for at least two months to more than six months
  • Nearly one-in-five (17%) indicated network remediation (incident response only) cost their organization more than $50 million, 15% said it ran between $5-9 million, and 14% said between $1-4 million
  • More than half (57%) said the attacks will have a negative impact long-term on their organization's operations, competitiveness, profitability or overall viability.

++

According to Securin, cyberattacks against water and wastewater systems are on the rise.

  • Vulnerability / misconfiguration exploitation (27.5%)
  • Exploit of public-facing application (15%)
  • External remote services (15%)
  • Compromised credentials (10%)

These numbers indicate that threat actors don't need to rely on sophisticated attack mechanisms. They're going after the low-hanging fruit and internet-exposed assets with known, persistent vulnerabilities. For example, Cyber Av3ngers exploited the Unitronics PLC vulnerability CVE-2023-6448 to target the Municipal Water Authority of Aliquippa last year.

Water and wastewater utilities especially need to pay attention to their IT and OT convergence. These interconnected systems control critical infrastructure. Vulnerabilities in the IT integration can expose vital operations to cyberattacks, potentially disrupting services and compromising public safety. To counter threat actors, constant awareness, analysis and action are needed.

++

JFrog commissioned InformationWeek to conduct a survey of over 200 IT and cybersecurity professionals predominantly located in North America to gain a deeper insight into AI adoption as well as MLSecOps best practices.

Key findings of the JFrog-sponsored study show that most companies are reluctant to roll out enterprise AI systems due to:

  • Gaps in AI/ML security: An overwhelming majority of firms (79%) say security concerns are slowing their use of AI/ML by the business and/or the integration of AI/ML features into the software they make.
  • Limited visibility into AI/ML software supply chains: Nearly 70% of companies can't detect the origin of AI source code, 67% are unable to track AI-related open-source dependencies and 49% can't control ML model usage.
  • No single source of truth for regulatory and compliance needs: Nearly two-thirds (64%) of organizations lack full confidence in their ability to meet emerging AI regulatory standards in software development.
  • Widespread lack of AI governance: More than half (60%) of companies lack policies for sourcing or licensing training data, and 58% of companies are missing a governance framework for AI developers.

++

Cyware 2024 Threat Intelligence and Collaboration Survey:

  • 70 percent of organizations strive but fail to successfully share threat intelligence information across security teams and platforms.
  • 91 percent of respondents said collaboration and information sharing are very important or absolutely crucial for cybersecurity.
  • More than half (53 percent) said their organization does not currently utilize their industry sector's Information Sharing and Analysis Center (ISAC) or leverage its near real-time threat data.
  • More than a quarter of respondents (28 percent) were unaware of the existence and role of ISACs.
  • Nearly half (49 percent) reported that their organization struggles to derive actionable insights across multiple security tools such as threat intelligence platforms, SIEM, asset management, and vulnerability management platforms.
  • 70 percent said their organization could share more threat intelligence, while only 23 percent said they are currently sharing the right amount of information and just 2 percent believe their organization shares too much threat intel.
  • Asked which teams are least likely to share useful threat intelligence with other departments, 31 percent said DevOps, 17 percent said Security Ops, 16 percent said Threat Intelligence, and 15 percent said IT Ops.

++

VISO TRUST State of Third Party Risk Management in 2024: AI's Impacts & Future Trends:

The report leverages VISO TRUST Platform-derived data which includes profiles of more than 2.4 million companies, and surveyed insights from CISOs, security, and TPRM professionals across various industries.

Drawbacks of Legacy Third Party Risk Management approaches:

  • Inadequate responses: Approximately 75% of vendors responding to legacy questionnaire approaches requiring manual input either ignore or delay crucial risk assessments.
  • False positives: Conventional cyber risk ratings yield a 90% false positive rate, undermining their reliability.

AI-Driven Impacts on Third Party Risk Management:

  • Efficiency gains: AI-assisted modern TPRM programs reduce vendor and partner assessment timelines from months to days.
  • Near-complete coverage: AI and automation achieve almost 100% coverage of third-party networks.
  • Significant increase in true positives: data analysis revealed a 500% rise in accurate risk identifications.
  • Faster assessments: Risk evaluation times have decreased from 60 to 90 days to just five to eight days.
  • Enhanced accuracy: AI-driven methods refine risk assessment precision.

++

Mark43 has conducted regional surveys in California, Massachusetts, and Florida, revealing the fears of local residents regarding cyberattacks:

  • Nearly three quarters (73%) of California residents are worried about cyberattacks impacting the way police manage data and records.
    • Pressing concerns about cyberattacks include:
      • full emergency system outages, leading to delayed 911 response (60%),
      • the risk of confidential data being exposed (54%), and
      • loss of trust in public safety (45%).
  • More than half (53%) of Massachusetts residents fear their local first responders’ duties could be affected by cyberattacks, and 60% worry about emergency systems going down and affecting 911 response times.
  • The majority (62%) of Florida residents are worried about the possibility of emergency systems crashing due to cyberattacks, ultimately affecting response times.

++

A recent survey by Lineaje revealed alarming gaps in readiness regarding the U.S. Cybersecurity & Infrastructure Agency's (CISA) Secure Software Development Attestation Form. Only 20% of businesses were confident they would meet the initial compliance deadline of June 11, 2024.

Key findings from the survey included: 

  • 84% of organizations have not implemented Software Bills of Materials (SBOMs) in their development processes, despite EO 14028 mandating their use since May 2021.
  • Over 2,700 organizations in the U.S. were impacted by software supply chain attacks in 2023, marking the highest incidence since 2017.
  • The number of affected companies has surged by 58% in the past year, highlighting the urgent need for compliance with EO 14028.
  • 65% of respondents reported being unaware of EO 14028, and among those familiar, approximately 50% do not know its specific requirements.
  • Security vulnerabilities are the primary concern for 56% of respondents, followed by compliance issues at 22%.
  • Nearly 60% of companies utilize open-source software components, but only 16% feel confident in their security.
  • 45% of organizations cited budget constraints as a significant barrier to compliance, while 36% pointed to staffing shortages.

These findings underscore the critical need for organizations to enhance their cybersecurity measures and ensure compliance with evolving regulations to mitigate the risks of software supply chain attacks, lest they find themselves haunted by the ghosts of breached data and lost trust.

++

Art Gilliland, CEO of Delinea, shared:

  • Gaps in identity security are the most common cause of cyber incidents that result in insurance claims.
    • Frequency of cyber insurance claims remains high - 62% have filed a claim in the last 12 months with over 27% filing multiple claims
    • Identity and privilege compromises account for nearly half (47%) of attacks that lead to insurance claims
  • Insurance companies want evidence of identity security before even granting a policy, with 41% requiring authorization controls. And requirements don't stop after policies are granted. You must maintain effective security controls if you expect claims to be paid

++

Anetac - 2024 Identity Security Posture Management (ISPM) Survey Report

  • Visibility epidemic: 44% of IT security professionals rely on manual logging for service account visibility, while 10% admit to no visibility measures at all. Meanwhile, 47% depend on static tools, potentially missing real-time security threats.
  • Hybrid account misuse: 75% of organizations report the dangerous practice of using service accounts as human accounts or vice versa, blurring the lines between automated processes and individual user actions. Hybrid account misuse happens both on-premises and in the cloud.
  • Company assets at risk: A significant 76% of IT security professionals acknowledged that their service accounts have direct access to the company's crown jewels, the most critical and sensitive assets. However, 40% reported that only 0-14% of their service accounts have such high-level access.
  • Prolonged password rotation cycles: An alarming 53% of security professionals take 13 weeks or more to rotate service account passwords, with 35% extending this period to 16 weeks or beyond. Even more concerning, 3% of respondents admit to rotating these critical passwords only once every 1-5 years.

++

Keyfactor's 2024 PKI & Digital Trust Report

Earlier this year, Keyfactor and Vanson Bourne released new research revealing the scary truths of a rapidly evolving digital landscape marked by the proliferation of machine identities within organizations, the increasing use of Generative AI technology, the growing threat of Post Quantum and the widespread adoption of IoT devices. The report found:

  • The escalating volume of certificates used by the average organization is outpacing their ability to manage, with 91% of organizations reporting deploying greater volumes of cryptographic keys and digital certificates, compared to 74% in 2023 and 61% in 2021. 
  • While 99.8% of organizations reported having a machine identity strategy in place to help them manage certificate sprawl, and 55% believe their strategy is fully mature, 93% reported experiencing challenges with implementation, and 72% believed machine identity management is problematic to their organization, showcasing a false sense of confidence.
  • This proliferation of devices is having a negative impact on organizations. The average organization experienced nine certificate-related incidents over the past 12 months. It takes an average of 2.6 hours to identify a certificate-related outage and another 2.7 hours to remediate it, with an average of 8 staff members directly involved in response and remediation during a typical outage caused by a certificate-related incident.
  • With the looming threat of quantum computers, which are capable of breaking some of the most widely-used security protocols in the world today, 80% of organizations report they are concerned about their ability to adapt cryptography to this threat. While post-quantum cryptography (PQC) readiness holds promise as a solution, 95% of organizations are encountering obstacles in the process of getting ready for PQC, reporting bottlenecks including:
    • Limited budget and resources for PQC implementation (45% report this as a primary challenge)
    • Integration challenges with existing security infrastructure (44% report this as a primary challenge)
    • Difficulty in finding skilled personnel for PQC adoption (43% report this as a primary challenge)

++

DataDome's Global Bot Security Report 2024

Bots present an array of scary challenges for businesses. DataDome's 2024 Global Bot Security Report found an increase in both the quantity and sophistication of bot-driven attacks. Other scary findings include:

  • 2 out of 3 organizations are unprotected against simple bot attacks.
  • Advanced bots were detected less than 5% of the time.
  • Fraudsters increasingly use more advanced frameworks and strategies, moving away from older, easier-to-detect technologies.
  • AI advancements have drastically reduced the effectiveness of traditional CAPTCHA defenses. Now bots can solve CAPTCHAs quickly and at a low cost.
  • The health, luxury and e-commerce sectors are the least protected industries from bot attacks.
  • Fake Chrome bots remained the most difficult simple bot to detect, leaving businesses vulnerable to layer 7 DDoS attacks, account fraud, and more.

++

Global SASE Report | Xalient

Xalient has recently released its Global Research Report, Why SASE is the Blueprint for Future-Proofing Your Network in 2025 and Beyond, which surveyed 700 IT, network and security leaders from organizations with 2,000+ employees from the UK, US & Canada, and Benelux. It finds that organizations are struggling to keep up with the evolving threat landscape and this is a primary driver for Secure Access Service Edge (SASE) adoption. 

Key findings include:

  • 99% of organizations have experienced a security attack in the last 12 months
  • 44% of these attacks are a result of a remote or hybrid worker 
  • 82% are struggling to recruit and retain specialist security skills 

The research also found a key challenge facing respondents is finding, recruiting, and retaining specialist security skills to protect their organization from new and growing threats that impact the networks. 

++

Recent findings from Jumio's 2024 Online Identity Study reveal growing concern among Americans about the political influence AI and deepfakes may have during elections.

  • 72% of American consumers are worried about the potential for AI and deepfakes to influence upcoming elections
  • U.S. consumers feel deepfakes undermine trust in politicians and media, with 70% reporting increased skepticism in the content they see online, compared to the last election. 
  • Only 46% of global consumers believe they could easily spot a deepfake of a political figure or celebrity. This drops to 37% in the U.S. and confidence wanes by age group, with only 22% of Americans age 55 or older trusting their ability.   

++

Skybox Security's survey findings highlight a disparity between the perceived effectiveness of network and security team collaboration and the actual results. 

  • 81% of decision-makers perceive their current collaboration levels as effective and 82% report successful information-sharing practices. 
  • Despite formal processes, over a third of respondents report that their organization's security posture has been negatively impacted by miscommunication between network and security teams to a certain or large extent. 
  • Almost half (45%) of organizations have experienced miscommunications that resulted in delays in reporting or addressing security incidents in the last 12 months. 

++

With the rapid adoption of AI technology into the cybersecurity sector, Swimlane's recent report illuminates the risks associated with AI adoption.  

  • 74% of cybersecurity leaders are aware of individuals at their organization inputting sensitive data into a public LLM, even though 70% of organizations have specific protocols in place when it comes to what data is shared in a public LLM. 
  • 51% of respondents say they are starting to feel fatigued by the constant focus on AI. 

++

SecurityScorecard's recent reports reveal the increased risks associated with third parties and supply chains.  

++

Cofense's Annual Report highlights the growing threat of malicious emails bypassing Secure Email Gateways (SEGs).

  • There was a 104.5% increase in the number of malicious emails bypassing SEGs, with a 67% increase in volume of credential phishing in 2023 
  • 90% of data breaches in 2023 started with a phish

++

Verve, a Rockwell Automation company, highlights the growing challenges for industrial organizations in its latest ICS Advisory Report with the flood of new ICS vulnerabilities each year. 

  • The number of industrial control systems (ICS) advisories published each year on CISA's ICS-CERT site has stayed consistent (an increase of 1 advisory [less than 1%] over 2022).
    • However, the number of common vulnerabilities and exposures (CVEs) contained in those advisories increased dramatically by 28%.
  • A good portion of the vulnerabilities could be used to impact the critical manufacturing sector (42%). Almost half of all the reported vulnerabilities could affect more than one sector (49%).
  • 50% of ICS advisories were reported by researchers while only 44.5% were reported by the company. 

++

Menlo Security: The Continued Impact of Generative AI on Security Posture

  • In the last half of 2023, the research team observed an 80% increase in attempted file uploads to generative AI websites.
  • In a 30-day period in Q1 2024, 55% of the data loss prevention events detected by Menlo Security included attempts to input personally identifiable information into generative AI platforms.

Menlo Security: 2023 State of Browser Security Report

  • In the second half of 2023, Menlo Labs Threat Research team observed a 198% increase in browser-based phishing attacks compared to the first half of the year.
  • When specifically looking at attacks classified as "evasive," the researchers observed a 206% increase. Evasive attacks utilize a range of techniques meant to evade traditional security controls including SMS phishing (smishing), Adversary in the Middle (AITM) frameworks, image-based phishing and brand impersonation or Multi-Factor Authentication (MFA) bypass.

++

SlashNext: 2024 Mid-Year Assessment on the State of Phishing

  • Fueled by AI-generated attacks, SlashNext researchers observed a 341% increase in malicious phishing link, BEC, QR Code and attachment-based email and multi-channel messaging threats in the first half of 2024.
  • Since the launch of ChatGPT in November 2022, SlashNext researchers observed a 4,151% increase in malicious phishing messages sent.

++

Ontinue: 1H 2024 Threat Intelligence Report

  • In Q1 alone, there were 8,967 published CVE records, with over 13,400 more awaiting publication. However, the most widely published vulnerabilities aren't always the ones most exploited.
  • At the start of 2024, we witnessed a surge in zero-day vulnerabilities affecting Ivanti products, with 3 of them still actively exploited today. This highlights the critical importance for organizations to stay aware of the software and hardware they use, ensure timely patching, and subscribe to vendor security bulletins. Patching once a month or quarter is no longer sufficient to maintain adequate security.
  • In 2024, the Manufacturing & Industrial sector has emerged as the most targeted industry, with its share of attacks rising from 20% in 2023 to 41% this year.

++

Salt: State of API Security Report 2024

The threat of API attacks is growing, and traditional methods aren't advanced enough to keep up with the rapidly-evolving digital landscape.

  • 95% of organizations experienced security problems in production APIs within the last 12 months, with 23% suffering breaches as a result of API security inadequacies.
  • Over one-third (37%) of the respondents, who all have APIs running in production, reported they do not have a current API security strategy in place.
  • The amount of APIs organizations have in their sprawl increased by 167% in the past year.
  • Only 21% of the respondents believe that their current security approaches are effective in preventing API attacks.
  • The number of reported API incidents has more than doubled since 2023 from 17% to 37%. 
  • Despite growing API traffic, only 7.5% of organizations have implemented dedicated API testing and threat modeling programs.

++

Auvik: 2024 IT Trends Industry Report

  • On average, 29% of network and SaaS related IT tasks are still done mostly or completely manually.
  • Only 35% of IT technicians indicated they were highly confident that their organization's network toolset meets the needs of remote workers, but 90% support at least some level of remote work.

++

Bugcrowd: 2024 Inside the Mind of a Hacker Report: Insights on AI, Hardware Hacking, and Cybersecurity Trends

  • AI has opened up a new attack vector in organizations. In a survey of 1,300 ethical hackers, 82% of hackers believe that the AI threat landscape is evolving too fast to adequately secure. 93% of hackers agree that companies using AI tools have created a new attack vector
  • The report illuminated the rise of a surprising trend: the increasing prominence of hardware hacking. In the past 12 months, 81% of hardware hackers encountered a new vulnerability they had never seen before, and 64% believe that there are more vulnerabilities now than a year ago.
  • In response to the rise of AI, 83% of hardware hackers are now confident in their ability to hack AI-powered hardware and software, indicating a new potential avenue for exploitation.

++

Critical Start: H1 Threat Intelligence Report

This Halloween season, a new breed of cyber threats casts an ominous shadow: deepfakes and scareware. Deepfakes (AI-generated digital apparitions) mimic voices, faces, and even full video sequences with unsettling accuracy, making it nearly impossible to discern between friend and foe. Cybercriminals exploit these highly convincing forgeries to deceive people and organizations, resulting in:

  • 3,000% Surge in Deepfake Fraud Attempts: In 2023 alone, the number of deepfake fraud attempts has risen by a staggering 3,000%, raising significant concerns among cybersecurity professionals.
  • 6.5% of All Fraud Cases: Deepfakes now haunt 6.5% of all fraud cases, undermining trust and creating confusion in various sectors.
  • $1 Trillion in 2024: The financial specter of deepfake fraud is projected to reach $1 trillion globally in 2024, posing a serious challenge for organizations unprepared for this growing threat.

Meanwhile, scareware lurks in the shadows, using social engineering to spook users into reckless clicks and downloads. Disguised as urgent pop-up warnings or critical updates, scareware tricks victims into stepping into its trap, leading them to malicious sites or tempting them to download malware masked as must-have software. These sinister strategies are growing more devious, so individuals and businesses must remain vigilant and enhance their cybersecurity defenses and awareness to counter these insidious threats before they can strike.

++

XM Cyber: Navigating the Paths of Risk: The State of Exposure Management in 2024

  • In May, XM Cyber released its third annual State of Exposure Management Report, produced in collaboration with the Cyentia Institute, which found that identity and credential misconfigurations represent a staggering 80% of security exposures across organizations, with one-third of these directly endangering critical assets, making them prime targets for attackers to exploit.
  • The report highlights that while only 2% of exposures occur at choke points (locations where multiple attack paths intersect), these points are disproportionately dangerous, as they give attackers broad access to key systems. Organizations with poor security posture face six times more exposures (30,000) than high-performing peers (5,000). Businesses must focus on securing these choke points to close the most critical attack paths and efficiently mitigate risk.
  • The report also showed that cloud environments are not exempt from the risk of exposure - 56% of critical asset exposures are in cloud platforms, with 70% of organizations vulnerable to attackers traversing from on-premise networks to cloud systems. Alarmingly, attackers can compromise 93% of critical assets in these cloud environments within just two hops.

++

Darktrace: First 6: Half-Year Threat Report 2024

  • Darktrace detected 17.8 million phishing emails across its customer fleet between December 21, 2023, and July 5, 2024. Alarmingly, 62% of these emails successfully bypassed DMARC verification checks, which are industry protocols designed to protect email domains from unauthorized use, and 56% passed through all existing security layers.
  • The report also revealed that double extortion ransomware is on the rise. As ransomware continues to be a top security concern for organizations, ransomware strains like Akira, LockBit, and Black Basta are all adopting double extortion tactics, where data is exfiltrated within 12 hours of encryption, and victims are threatened with exposure unless the ransom is paid. This increases pressure on victims and complicates defenses against ransomware attacks.

++

Oasis Security: 2024 ESG Report: Managing Non-Human Identities

This Halloween, the real scare lurking in the shadows isn't ghosts; it's Non-Human Identities (NHIs). NHIs such as service accounts, tokens, access, and API keys often linger unmonitored, making them prime targets for cyber threats.

  • In fact, 46% of organizations have confirmed breaches through NHIs, according to recent research from analyst firm Enterprise Strategy Group.
  • Alarmingly, NHIs outnumber human users 20x on average in the modern enterprise.
  • As NHIs multiply at an alarming rate, 52% of companies expect their count to rise by over 20% in the coming year, according to the same report. In response, 83% of organizations are planning to increase their spending on non-human identity security, though many still struggle to effectively manage this expanding attack surface.

++

Zimperium: Mobile Phishing Attacks Targeting Enterprises Surge, Zimperium Researchers Find

  • 82% of phishing sites now target mobile devices, highlighting how cybercriminals are increasingly adopting a "mobile-first" attack strategy.
  • Financial services organizations saw 68% of their mobile threats attributed to sideloaded apps. In fact, zLabs researchers found that mobile users who engage in sideloading are 200% more likely to have malware running on their devices than those who do not. APAC outpaced all regions in sideloading risk, with 43% of Android devices sideloading apps.
  • The report found over 87K malware samples detected per month, a 13% increase Y-o-Y, and 80% more spyware samples detected on enterprise devices.

Zimperium: Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware

  • Mobile security researchers at Zimperium are releasing intel on a new variant of the FakeCall malware. FakeCall employs a technique known as Vishing (voice phishing), in which fraudulent phone calls or voice messages are used to deceive victims into disclosing sensitive information. This new variant has the ability to capture information displayed on a screen using the Android Accessibility Service. The variant is showing a strategic evolution in mobile security - evasive cyberattacks are now the new normal, as cybercriminals are becoming more sophisticated in their mobile phishing attacks.

++

Here are a few scary stats from Fortra's various threat research teams.

  • $76,910.30 was the average amount of fraudulent wire transfers in blocked BEC attacks in 2024.
  • This year, 27.02% of BEC phishing attacks were linked to credential theft scams.
  • Fortra identified 2,142 fraudulent bank accounts in online attacks in 2024.
  • The average amount requested by wire transfer peaked in January 2024 at $159,747.77.
  • The number of counterfeit sites online and on social channels increased 50% from Q1 to Q2 of this year.

++

Radware - the company's First Half 2024 Global Threat Analysis Report highlighted a surge in high-intensity, volumetric attacks, marked by a growing emphasis on attacking application infrastructure. Malicious activity continues to be driven by worldwide geopolitical tensions.

  • In the first half of 2024, Web DDoS attacks surged globally 265% compared to the second half of 2023.
  • Application-Layer DNS DDoS attack activity quadrupled, compared to the first half of 2023
  • North American online applications and APIs shouldered 66% of web attacks
  • EMEA organizations faced more than 90% of web DDoS attacks
  • Finance organizations experienced 44% of network-layer DDoS attacks
  • Average DDoS volume blocked per organization grew by 293% in EMEA, 116% in the Americas, and 302% in APAC, compared to the same period in 2023.

++

CrowdStrike's 2024 Global Threat Hunting Report, which offers an in-depth look into the adversary landscape, uncovered:

  • Cloud intrusions increased by 75% overall, with cloud-conscious cases amplifying 110% year-over-year. 
  • The average breakout time for eCrime intrusion activity decreased from 79 minutes in 2022 to 62 minutes in 2023, leaving defenders only an hour's worth of time to minimize the cost and damage caused by the intrusion.


CrowdStrike's 2024 Threat Hunting Report, which details findings on sophisticated eCrime threats and novel nation-state campaigns, found: 

  • Adversary use of Remote Monitoring and Management (RMM) tools increased by 70%, and 27% of all interactive intrusions leveraged RMM tools.

++

Normalyze's Solving Enterprise Data Complexity with Data Security Posture Management whitepaper uncovered:

  • One-fourth of businesses don't know where their sensitive data is (26% of respondents suspect they've lost sensitive data)
  • More than 60% of sensitive data resides on public cloud services today, and it is expected to increase to 68% within 24 months.

++

DTEX Systems' 2024 Insider Risk Investigations Report, which sheds light on the growing threat of foreign interference leveraging insider attack tactics, uncovered:

  • 62% of insider incidents attributed to nation-states involve malicious insiders
    • 87% of these incidents leverage legitimate access
  • 78% of nation-state-sponsored insider incidents involve data exfiltration
    • 57% of these incidents involve the sabotage of critical systems

++

Bitwarden's 2024 Cybersecurity Pulse Survey, which sheds light on the latest cybersecurity trends and current threats facing global IT and cybersecurity decision-makers, uncovered:

  • 63% find it moderately or very challenging to maintain a strong security posture as more employees use generative AI tools
  • 46% of respondents reported receiving a phishing scam posing as their bank, 41% as their financial institution, and 36% as a government entity 

++

Coalition's 2024 Cyber Claims Report, which provides a firsthand look at the latest cyber risks and claims trends impacting policyholders, uncovered that:

  • Ransomware severity increased 68%, resulting in an average loss of $353k.
  • Ransomware, Funds Transfer Fraud, and Business Email Compromise accounted for nearly 75% of all reported claims.
  • Coalition clawed back $10.8 million with an average recovery of $208k

++

Lookout's Mobile Threat Landscape Report: Q2 2024, which analyzed more than 315 million mobile apps and app versions, found:  

  • More than 40% of iOS vulnerabilities disclosed in the last 18 months have had a CVSS score of 7/10 or greater
  • There was an increase in phishing/malicious sites from 10,540,000 in Q2 2023 to 17,870,000 in Q2 2024.
  • There was a discovery of 80,400 malicious apps on enterprise devices in Q2

++

Barracuda Networks' Cybernomics 101 report, which uncovers the financial forces driving cyberattacks, found:

  • 71% of the respondents experienced a ransomware attack in the last year, and alarmingly, 61% of those affected chose to pay the ransom
  • 50% of respondents believe AI will enable hackers to launch more attacks
  • 39% believe their security infrastructure is adequately equipped to protect against GenAI-powered security attacks.

++

Rapid7's Ransomware Radar Report, which provides a comprehensive analysis of ransomware incidents recorded globally, uncovered:

  • More than 2,570 ransomware incidents in the first half of 2024, an average of 14 publicly-claimed daily incidents. 
  • Within the year's first half, Rapid7 observed 21 new ransomware groups entering the scene. 
  • 68 ransomware groups made a total of 2,611 leak site posts between January and June, representing a 23% increase over the number of posts made in the first half of 2023.

++

Splunk's State of Security 2024: The Race to Harness AI Report, which analyzed how security teams are navigating generative AI, uncovered that:  

  • 52% of respondents experienced a data breach.
  • 86% say the current geopolitical climate contributes to their organization being targeted more.
  • 48% experienced cyber extortion, making it more popular than ransomware itself.

++

Proofpoint's 2024 Ponemon Healthcare Cybersecurity Report, which analyzes the cybersecurity threats against healthcare facilities, uncovered that: 

  • 92% of organizations surveyed experienced at least one cyberattack in the past 12 months, an 88% increase from 2023.
  • 69% of organizations say they're vulnerable to a cloud/account compromise, and 69% say their organizations have already suffered from a cloud/account compromise.
  • 69% of healthcare organizations report a disruption to patient care from cyberattacks

++

Rubrik Zero Labs "The State of Data Security: Measuring Your Data's Risk" report 

Ransomware produces outsized impacts on healthcare organizations as they grow in sensitive data. 

  • Rubrik observed that healthcare organizations secure 22% more data than the global average. 
  • A typical healthcare organization has more than 42 million sensitive data records - 50% more sensitive data than the global average of 28 million.
  • Ransomware attacks against observed healthcare organizations have an estimated impact of almost five times more sensitive data than the global average.
  • This equates to an estimated 20% of a typical healthcare organization's total sensitive data holdings impacted every time there is a successful ransomware encryption event, compared to 6% for an average organization.
  • The typical 8.4 million impacted sensitive data records in a single successful ransomware attack represents a 20% loss of a healthcare organization's total sensitive data holdings.
  • Virtualization really matters for healthcare and ransomware: 97% of all encrypted data in Rubrik-observed healthcare organizations last year occurred within virtualized architecture, compared to 83% across all industries.

The cloud is targeted with more frequency, and more success, than its on-premises counterparts, with blind spots making it difficult to defend, including:

  • Blind spot #1: 70% of all data in a typical cloud instance is object storage. Object storage represents a common blind spot for most security appliances because it's typically not machine readable by these same technologies.
  • Blind spot #2: 88% of all data in object storage is either text files or semi-structured files, such as CSV, JSON, and XML.
  • Blind spot #3: More than 25% of all object stores contain data covered by regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).

++

HYPR’s State of Passwordless Identity Assurance report

This report uncovers vital insights into identity threats and trends based on interviews with 750 IT security professionals spanning various geographies and sectors. Shocking statistics make it clear that the digital jungle demands stronger, faster, and smarter identity solutions. Identity assurance is more than just a security measure; it’s a vital foundation for building a resilient and adaptable future.

  • 91% of respondents claim credential misuse or authentication weakness as the cause of a breach—up from 82% in 2022, yet 99% of respondents rely on legacy authentication methods that remain vulnerable to these threats
  • 69% of companies were breached through authentication processes, which is unsurprising as most employees use four different types of authentication methods
  • 86% of financial organizations faced identity-based cyberattacks
  • 67% of respondents deployed new identity tools or changed their authentication methods following a breach and 33% neglected to act
  • 89% of IT professionals believe passwordless security is the ultimate shield, yet over half (53%) continue to rely on vulnerable username / password methods

++

According to OpenText Cybersecurity's 2024 Global Ransomware Survey:

Respondents are overwhelmingly concerned about supply chain attacks. Those who reported a ransomware attack this year were more likely to report that it came from their supply chain.

  • Forty percent of respondents have been impacted by, or don’t know whether they have been impacted by, a ransomware attack originating from a software supply chain partner.
  • Of the respondents who experienced a ransomware attack in the past year, 62% have been impacted by a ransomware attack originating from a software supply chain partner and 90% are planning to increase collaboration with software suppliers to improve security practices in the next year.

Almost three-quarters of companies have experienced a ransomware attack this year, with more SMBs than large enterprises having experienced an attack.

  • Of the 48% of respondents who have experienced a ransomware attack, 73% have experienced a ransomware attack in the last year, only a quarter have not (25%) and 2% don’t know.
  • Of those who experienced a ransomware attack in the past year, a little less than half (46%) paid the ransom. 31% of their ransom payments were between $1 million and $5 million. At the same time, almost all (97%) successfully restored their organization’s data. Only 3% did not.

Respondents experienced more phishing attacks due to the increased use of AI, especially among those who have experienced a ransomware attack.

  • More than half (55%) of respondents said their company is more at risk of suffering a ransomware attack because of the increased use of AI among threat actors.
  • Almost half (45%) of respondents have observed an increase in phishing attacks due to the increased use of AI. Of those who experienced a ransomware attack, 69% have observed an increase in phishing attacks due to the increased AI usage.

++

According to OpenText Webroot’s 2024 GenAI Consumer Trends and Privacy Report:

  • Two-thirds of respondents expressed concern about AI systems collecting and misusing personal data.
  • While many people have taken steps to protect their personal data—such as using VPNs, password managers, and antivirus software—workplace privacy protection is lagging. Only 27% of employed respondents use privacy tools and settings to safeguard workplace data when using AI.
  • The top privacy tools in the workplace include password managers (64%), antivirus software (63%), VPNs (62%), and ad blockers (61%).
  • For personal data protection, 76% use strong, unique passwords, 69% regularly update software, and 64% enable two-factor authentication

++

Sourcing data from nearly 19 million devices, Forescout – Vedere Labs’ Riskiest Connected Devices of 2024 report reveals the hidden dangers lurking within aging and overlooked devices.

Key findings include:

  • IoT Devices with vulnerabilities expanded by a whopping 136% since 2023.
  • IT Devices – network infrastructure and endpoints – still account for the most vulnerabilities at 58% despite being down from 78% in 2023.
  • The most vulnerable device types are wireless access points (WAPs), routers, printers, voice-over-IP (VoIP) devices, and IP cameras. The most-exposed unmanaged gear includes VoIP devices, networking infrastructure, and printers.
  • The top three verticals with the riskiest devices are technology, education, and manufacturing.

++

According to Forescout – Vedere Labs’ H1 Threat Review Report:

  • Vulnerabilities surged by 43% – The average number of new CVEs per day was 111 or 3,381 per month from Jan 1-July 31, 2024; 7,112 more than H1 2023
  • Ransomware attacks are on the rise – Attacks averaged 441 per month, or 15 per day from Jan 1-July 31, 2024, with government, financial services, and technology companies remaining the top three targets of any industry. Active ransomware groups grew by 55%.

++

ArmorCode - Modernizing Application Security to Scale for Cloud-native Development

  1. 42% of security teams report that they have no visibility at all into what developers are doing to test and fix their code.
  2. 90% of IT, cybersecurity, and application development professionals are moderately or very concerned about identifying or flagging sensitive data shared with GenAI frameworks or chatbots.
  3. 86% of IT, cybersecurity, and application development professionals are moderately or very concerned about the security of APIs related to usage of GenAI.
  4. 81% of IT, cybersecurity, and application development professionals are moderately or very concerned about ensuring customer data is not lost or shared via GenAI.
  5. 67% of organizations are experiencing an increase in infrastructure-as-code (IaC) misconfigurations.

++

Red Sift - 2024 Strengthening U.S. political campaigns against cyber threats report

  • After analyzing 84 Senate campaign sites and 14 Presidential or party-affiliated campaign domains, Red Sift determined that a staggering 75% of these campaign websites lack proper DMARC protection.
  • Red Sift’s analysis shows that without DMARC, campaigns remain highly susceptible to phishing, domain-spoofing and impersonation attacks. These threats can slow campaign operations, create disinformation or leak confidential information, all of which can have a devastating impact during critical election periods.
  • The report highlights that while technical solutions like DMARC are critical, they must also be properly configured and managed to be effective.

++

Veracode - 2024 Banking and Financial Services Snapshot of State of Software Security

  • The 2024 Banking and Financial Services Snapshot of State of Software Security found that the financial sector is higher (worse) than the overall ratio, with 76% of organizations exhibiting some level of security debt across their applications. Even more concerning, 50% of organizations in the financial sector have high-severity security flaws in their applications.
  • While 84% of all security debt affects first-party code, 78.6% of critical security debt comes from third-party code, further reinforcing CISA’s Open-Source Software Security Roadmap and Secure by Design Pledge. 
  • Specific to the financial sector, Veracode found that most (84%) of all security debt affects first-party code, but the majority of critical security debt comes from third-party dependencies. This confirms that addressing both first- and third-party code is necessary to drive down security debt within organizations.

++

Immersive Labs

Immersive Labs' study, Unveiling the Dark Side of GenAI: How People Trick Bots into Revealing Company Secrets, dives into the various ways humans are outsmarting GenAI bots and how leaders need to be aware of prompt injection risks to take decisive action, including establishing comprehensive policies for GenAI use within their organizations.

  • 88% of prompt injection challenge participants successfully tricked the GenAI bot into giving away sensitive information in at least one level of an increasingly difficult challenge.
  • Nearly a fifth of participants (17%) successfully tricked the bot across all levels, underscoring the risk to organizations using GenAI bots.
  • With the implementation of system prompts providing specific commands (such as not translating the password, denying any knowledge of the password), 83% of the participants were still able to trick the bot.
  • After introducing Data Loss Prevention (DLP) checks, 71% of the participants could still bypass the bot.

++

Ping Identity

Ping Identity's annual report, "The Great Technology Wave: Overcoming the Fear of Unknowns for Improved Digital Experiences," evaluates consumer sentiment when engaging with brands online:

  • Security (78%), ease of use (76%), and privacy/consent (69%) are top concerns for consumers when interacting with online brands.
  • 54% of consumers have stopped using an online service because they became frustrated when trying to log in.
  • 89% have complaints about passwords, with 61% admitting they have too many to keep track of.
  • 36% of consumers have fallen victim to identity fraud, with financial identity fraud (18%), account takeover (9%), and impersonation (8%) being the most common fraud types experienced by respondents.
  • 89% of consumers are concerned about AI impacting their identity security.
  • Most consumers (97%) have concerns about their personal data being online, with only 8% having full trust in organizations that manage their identity data, lower than 10% last year.
  • 26% of consumers receive spam calls daily, reaching 44% when looking at U.S. respondents alone.

++

Cohesity

According to Cohesity's 2024 Global Cyber Resilience Report, analyzing the latest cybersecurity and ransomware trends from over 3100 IT and security leaders from across the globe:

  • 78% of respondents said they have confidence in their company's cyber resilience strategy, but 83% said they would pay a ransom to recover data and restore business processes at a faster rate.
  • 69% of respondents said their organization had paid a ransom in the last year, before being surveyed, despite 77% saying their company had a ‘do not pay' policy.
  • 80% of respondents said they had responded to what they believe to be AI-based attacks or threats within the last 12 months.

According to Cohesity's Consumer Survey, analyzing 6,000+ consumers worldwide on the digital industry's data practices:

  • 81% in the US criticized companies for collecting too much of their personal or financial data.
  • 92% in the US are concerned that AI will make securing and managing their data much more challenging. Most even go a step further to classify AI as a risk to data protection and security (72% in the US).
  • More than half of those surveyed do not agree with the idea that companies should pay ransoms (52% in the US), condemning the common practice of companies buying their way out of ransomware attacks.

++

Vectra AI

2024 State of Threat Detection and Response Research Report: The Defenders' Dilemma - Despite the assurances of consolidation and platformization from security vendors, this data reveals a rising distrust towards vendors from SOC teams. Many practitioners, while confident in their own skills, feel their tools are falling short in effectively helping them detect and prioritize real threats.

  • SOC teams receive an average of 3,832 alerts per day, 62% of which are ignored
  • Nearly three-quarters (71%) of SOC practitioners state they worry they will miss a real attack buried in a flood of alerts
  • Nearly half (47%) of practitioners do not trust their tools to work the way they need them to work
  • 54% say the tools they work with actually increase the SOC workload instead of reducing it
  • 60% of SOC practitioners say a lot of their security tools are bought as a "box ticking" exercise for compliance

++

Nightwing 

Nightwing's Zero Trust Survey reveals that while IT leaders recognize the importance of Zero Trust Security, many face hurdles like managing vendors, budget constraints, and overcoming internal resistance.

  • 96% of IT professionals surveyed agreed that their organizations needed a Zero Trust model to be successful.
  • 65% of respondents reported that they had fully implemented a Zero Trust framework, with the remainder planning to have the model implemented within a year. 
  • Only 3% of respondents indicated they had no issues during Zero Trust implementation. IT professionals reported an array of speed bumps along the way, including:
    • Multiple products/solutions required (43%)
    • Vendors brought into the process too late (39%)
    • Budget shortfalls (39%)
    • Ongoing maintenance requirements (38%)
    • Plans not followed during implementation (37%)
    • Legacy system implementations (31%)
    • Slowed productivity in some departments (28%) 
  • The most common issue cited is that organizations consider Zero Trust a low priority (49%) with many struggling with the budgets required for the effort.
  • Despite the obstacles on the path to Zero Trust security, 32% reported seeing immediate benefits from the model, while another 52% waited six months or longer to see benefits materialize.

++

Entrust, a global leader in identity-centric security solutions.

2024 PKI and Post-Quantum Trends Study

  • While 61% of global respondents plan to migrate to PQC within the next five years, less than half of organizations globally (41%) are presently preparing for the transition.
  • 38% of global respondents reported not having the right scale and technology to support the required extra computing power for PQC.
  • 51% of respondents reported a lack of clear ownership over this transition, while 43% reported a tie between insufficient skills and complicated or fragmented requirements as the biggest hurdle to enabling PKI.
  • Despite the fact that 44% reported a focus on building their cryptographic strategy, 43% cited an inability to simply inventory their crypto assets, the top concern for all nine countries surveyed in readying themselves for the transition.

2024 State of Zero Trust & Encryption Study

  • Despite 59% of organizations reporting significant senior leadership support for Zero Trust, a lack of skills and budget are still cited as the biggest roadblocks to implementing these frameworks, highlighting a discrepancy between support and resource allocation.
  • 50% of respondents identified a shortage of skilled personnel, 47% highlighted the absence of clear ownership, and 46% pointed to inadequate staffing as the primary reasons for the challenges associated with credential management.

++

WatchGuard, a global leader in unified cybersecurity and MSPs

WatchGuard's quarterly Internet Security Report, a comprehensive analysis of evolving cyber threat trends, emerging attack vectors, major data breaches, and practical mitigation strategies.

  • Q2 2024 showed a 168% increase in evasive malware detections quarter-over-quarter. 
  • Network attacks are on the rise, increasing 33% from Q1 2024. Across regions, the Asia Pacific accounted for 56% of all network attack detections, more than doubling since the previous quarter. 
  • 7 of the Top 10 malware threats by volume were new this quarter. New threats included a new Mirai Botnet variant, which infects IoT devices, such as TVs and smart-home devices, enabling threat actors to turn them into remotely controlled bots.
  • A rise in malware hidden in blockchains. Malicious code in blockchains poses a long-term threat, as blockchains are not meant to be changed and, theoretically, a blockchain could become an immutable host of malicious content. 

++

Gigamon, a leading deep observability vendor helping to manage and secure hybrid cloud infrastructures of the likes of AWS, Lockheed Martin, and the DoD.  

2024 Hybrid Cloud Security Survey

  • In the last 12 months, more than 1 in 3 organizations failed to detect a breach using existing security tools.
  • Just 40% of organizations claim to have visibility into East-West (lateral, encrypted) traffic, despite research showing that 93% of malware now lurks behind such traffic.
  • Just under half (46 percent) of CISOs feel only somewhat or not at all prepared to detect threats.
  • 39% of CISOs cite an extortion threat as the first indicator of a serious security breach, while 36 percent only discovered the attack when data was leaked on the dark web.

++

Silverfort, a unified identity security company that pioneered the first and only platform that enables modern identity security everywhere.  

Silverfort's "Identity Underground Report" is the first attempt to map out the most critical identity security weaknesses that lead to credential theft, privilege escalation or lateral movement - both on-prem and in the cloud.

  • 64% of all user accounts authenticate via the weakly encrypted NTLM protocol, providing attackers easy access to cleartext passwords. Easily cracked with brute-force attacks, NTLM authentication is a prime target for attackers looking to steal credentials and move deeper into an environment.
  • A single misconfiguration in an Active Directory account spawns 109 new shadow admins on average. Shadow admins are user accounts with the power to reset admin accounts' passwords or manipulate accounts in other ways. Attackers use Shadow Admins to change settings, permissions, and give themselves more access to machines as they move deeper into an environment.
  • 7% of user accounts inadvertently hold admin-level access privileges, giving attackers more opportunities to escalate privileges and move throughout environments undetected.
  • One in every ten user accounts operates as a service account, representing highly privileged machine identities. Attackers target service accounts, as they are often overlooked or unknown to the security and identity teams that manage them.
  • 13% of user accounts are categorized as "Stale accounts," which are effectively dormant, serving as easy targets for lateral movement and evading detection by attackers.

++

LevelBlue simplifies cybersecurity through award-winning managed services, experienced strategic consulting, threat intelligence, and renowned research. 

Financial services leaders face an urgent challenge: balancing the rapid pace of innovation with the need for robust cybersecurity. The 2024 LevelBlue Futures Report for Financial Services delves into the critical misalignment between business goals and IT priorities that puts organizations at risk.

  • 89% of financial services respondents anticipate that dynamic computing will enhance operational performance within the next three years. Yet, a similar number acknowledge the increased exposure to risk.
  • 69% of financial services respondents believe cybersecurity is an afterthought in their organizations with another 72% confirming efforts are often siloed.
  • 66% of financial services respondents indicate that cybersecurity resilience initiatives are not sufficiently factored into the organization's budget. In fact, 85% of financial organizations report budgets are reactive rather than proactive.
  • The adoption of Cybersecurity-as-a-Service (CSaaS) is on the rise, with 34% opting to outsource their cybersecurity needs rather than managing them in-house.
  • 62% of financial services respondents reveal there's a lack of understanding about cybersecurity at the board level.  

++

Venafi

Venafi's Organizations Struggle to Secure AI-Generated and Open Source Code report surveyed 800 security leaders to better understand their concerns around the use of AI-generated and open source code in their production environments, as well as what they believe are their best options for mitigating risk.

Tension Between Security and Developer Teams

  • 83% of security leaders say their developers currently use AI to generate code, with 57% saying it has become common practice.
  • However, 72% feel they have no choice but to allow developers to use AI to remain competitive, and 63% have considered banning the use of AI in coding due to security risks. 

Inability to Secure at AI Speed

  • 66% of respondents report it is impossible for security teams to keep up with AI-powered developers.
  • As a result, security leaders feel like they are losing control and that businesses are being put at risk, with 78% believing AI-developed code will lead to a security reckoning and 59% losing sleep over the security implications of AI.  

Governance Gaps

  • 63% of security leaders think it is impossible to govern the safe use of AI in their organization, as they do not have visibility into where AI is being used.
  • Despite concerns, less than half of companies (47%) have policies in place to ensure the safe use of AI within development environments.  

Open Source Overload

  • On average, security leaders estimate 61% of their applications use open source - although GitHub puts this as high as 97%. This over-reliance on open source could present potential risks, given that 86% of respondents believe open source code encourages speed rather than security best practice amongst developers.  

Vexing Verification

  • Ninety percent of security leaders trust code in open source libraries, with 43% saying they have complete trust - yet 75% say it is impossible to verify the security of every line of open source code. As a result, 92% of security leaders believe code signing should be used to ensure open source code can be trusted.  

++

Deep Instinct, a zero-day data security company 

Deep Instinct's 2024 Voice of SecOps report examines the role of generative AI in cybersecurity, addressing both its potential and its risks. The report, conducted by Sapio Research, surveyed 500 senior cybersecurity experts from companies with 1,000+ employees in the U.S. operating in financial services, technology, manufacturing, retail, healthcare, public sector, or critical infrastructure.

  • Corporate leadership teams are now prime targets for deepfake manipulation. Over the past year, 61% of organizations experienced a rise in deepfake incidents, with 75% of these attacks impersonating an organization's CEO or another member of the C-suite.
  • The rise of adversarial AI is taking a toll on cybersecurity professionals, with 66% admitting their stress levels are worse than last year and two in three (66%) saying AI is the direct cause of burnout and stress. 
  • Three in four security professionals (75%) had to change their cybersecurity strategy in the last year due to the rise in AI-powered cyber threats, with 73% expressing a greater focus on prevention capabilities. Additionally, 97% of respondents are concerned their organization will suffer a security incident due to adversarial AI. Yet, 41% are still relying on EDR solutions for protection.
  • 42% of organizations currently use preventative technologies, like predictive prevention platforms, to help protect against adversarial AI.
  • However, more than half (53%) of security professionals feel pressure from their board to adopt tools that allow them to prevent the next cyber attack, rather than rely on antiquated defense mechanisms that have proven ineffective.

++

Veriff 

Veriff's Fraud Index 2024: Part 2 is a follow-up survey of end users measuring their experiences of online fraud and their appetite for fraud-prevention measures:

  • Almost 58% of US respondents encountered fraudulent or suspicious activity at least once over the year, compared with just 37% in the UK.
  • 77% of respondents who said they had lost money from fraud over the year said they expected a company to reimburse them for money lost. 
  • More than 56% of respondents consider a company's record on fraud prevention when choosing whether to sign up for their service.
  • The use of AI and deepfakes in the political process has become a major concern, with 73% of US-based respondents reporting they are worried about its impact on elections. 
  • Most consumers believe parents are responsible for keeping their children safe online. However, for 38.46% of respondents, the website, platform, or app being used is also responsible. 

Veriff's Fraud Industry Pulse Survey 2024 surveyed hundreds of senior decision-makers and fraud leaders from businesses across the US in April 2024 to understand how fraud is impacting their businesses.

  • Almost 87% of respondents reported an increase in online fraud in the year to April 2024. Just 1.19% of respondents said they experienced zero fraudulent IDV attempts in a month.
  • Nearly 78% of U.S. decision-makers have seen an increase in the use of AI in fraudulent attacks over the past year. On the flip side, nearly 79% of CEOs are using AI and ML in fraud prevention.
  • More than 86% of decision-makers say their customers are now more demanding of robust fraud prevention capabilities.

++

Gurucul

Gurucul's 2024 Insider Threat Report surveyed 413 IT and cybersecurity professionals to uncover the latest trends, challenges, and strategies for combating insider threats.  

Key report findings include: 

  • 48% of organizations saw an increase in insider attacks over the past 12 months, with 51% experiencing six or more attacks within the past year. Remediation costs for these incidents exceeded $1 million for 29% of respondents. 
  • The primary drivers behind the rise in insider attacks were complex IT environments (39%), adoption of new technologies (37%), and inadequate security measures (33%), reflecting critical areas that require attention. 
  • 71% of organizations reported feeling at least moderately vulnerable to insider threats, underscoring a growing awareness and concern over internal risks. 
  • Although 93% of respondents consider unified visibility and control across environments crucial, only 36% have a fully integrated solution to achieve this, highlighting a need for more cohesive security strategies. 
  • 50% of respondents use partially integrated solutions, while 28% manage visibility through separate, non-integrated tools. Additionally, 17% indicate inadequate tooling, and 20% rely on disparate systems for monitoring users, applications, and devices, revealing a substantial tools gap. 
  • The primary obstacles to implementing effective insider threat management tools were technical challenges (39%) and cost factors (31%). 

++

Zenity

The average large enterprise has close to 80,000 apps and copilots that have been developed outside the traditional software development lifecycle and about 62% of these contain security vulnerabilities. The average large organization has developed over 2,600 of their own AI copilots using low-code platforms and 63% of those were overshared to members of both the organization and the public, creating risks for prompt injection and data leakage. - researchers at Zenity, The State of Enterprise Copilots & Low-Code Development in 2024

++

Palo Alto Networks

Three-quarters of industrial organizations in 16 countries have detected malicious cyber activity in their OT environment in the past year; 1 out of 4 were forced to shut down OT operations due to a successful attack in the past year, either because of actual disruption or as a preemptive measure. - Palo Alto Networks' 2024 State of OT Security Report

++

Unit 42 team at Palo Alto Networks:

According to a recent report from our Unit 42 team at Palo Alto Networks, there has been a 49% increase in ransomware victims in 2024, with the US impacted by a majority (52%) of total global attacks.

++

Utimaco

78% of U.S. consumers worry about their data security when using online services; 61% now say security is the most important factor when picking a financial institution, up from 24% in 2023. - Utimaco's new consumer survey with YouGov.

++

DNSFilter

DNS continues to be a prominent target for cybercriminals. According to DNSFilter's recent threat intelligence report:

  • The percentage of unique domains attempted by users but blocked as threats rose notably, from 1.6% in Q3 2023 to 3.6% in Q3 2024. 
  • Queries to malicious domains (encompassing malware, phishing, deception, and botnet sites) amounted to over 16.6 billion potential threats from July to September 2024 on the DNSFilter network.
  • DNSFilter observed a significant spike in traffic to potentially harmful domains containing the word "Olympic" during the Paris Olympics, peaking at 546% above the average on August 1, 2024. 
  • With hurricane season underway, activity on domains containing "hurricane" also surged. Malicious queries for these domains rose by 460% over the daily average on September 27, 2024. 
  • With the election coming up, DNSFilter has seen a rise in traffic to new domains with election-related keywords, including the terms "vote" and "voting". Traffic to this term on September 18 was 14x the daily average, with steady traffic between September 17 and September 29, showing increased interest in these domains in the lead up to the election.  

##

Published Thursday, October 31, 2024 7:30 AM by David Marshall