If you haven’t read the Verizon 2012 Data Breach Report, you may want to check it out.  Contains a wealth of information on what’s going on in information security breaches.  Here’s a link:

https://www.wired.com/images_blogs/threatlevel/2012/03/Verizon-Data-Breach-Report-2012.pdf

Some interesting tidbits:

Who’s behind data breaches:

  • 98% came from external agents
  • 4% implicated internal employees
  • <1% committed by business partners
  • 58% of all data theft tied to activist groups

 

How do breaches occur?

  • 81% utilized some form of hacking
  • 69% incorporated malware
  • 10% involved physical attacks
  • 7% employed social tactics
  • 5% resulted from  privilege misuse

 

Commonalities in attacks:

  • 79% of victims were targets of opportunity
  • 96% of attacks were not highly difficult
  • 94% of all data compromised involved servers
  • 85% of breaches took weeks or more to discover
  • 92% of incidents were discovered by a 3rd party
  • 96% of victims subject to PCI DSS had not achieved compliance

 

Exploit Insider

Weaponizing Legacy Software

Legacy software that uses web traffic can be used to blend in with other incoming and outgoing traffic.

 

Abusing Default Credentials

Attackers can exploit default credentials to escalate privileges within systems, endangering sensitive assets.

 

Exploiting API Endpoints

Relying on frontend controls for access management can lead to attackers gaining excessive privileges.

 

The Dangers of Legacy Protocols

How poisoning legacy broadcast name resolution protocols led to domain compromise

 

Penetration Test Report Essentials