The 17th annual 2024 Data Breach Investigations Report by Verizon highlights a significant increase in the exploitation of vulnerabilities in 2023, with hacks tripling compared to previous years, largely fueled by ransomware actors focusing on zero-day vulnerabilities. The report points out the MOVEit vulnerability as a prime example of this trend, showcasing how threat actors swiftly adapt to new opportunities. Alex Pinto, the lead author of the report, emphasizes the concerning shift in the cybersecurity landscape, indicating a possible escalation in this power struggle
He notes the widening gap between exploitation speed and patching, with attacks occurring within five days, while organizations take around 55 days to patch critical vulnerabilities. Pinto stresses the critical importance of prioritizing vulnerability management, especially for perimeter and external-facing vulnerabilities, and enhancing security outcomes through robust vendor management practices. https://www.bankinfosecurity.com/verizon-breach-report-vulnerability-hacks-tripled-in-2023-a-24979