Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Point-of-sale attacks accounted for a third of data breaches in 2013, report says

Lucian Constantin | May 22, 2014
However, a significant rise in attacks targeting sensitive data not related to payment cards was also observed, Trustwave says

Weak passwords remained the leading cause of compromises and accounted for 31 percent of incidents. This includes passwords used for VPN (virtual private network), SSH (Secure Shell) and remote desktop connections, as well as those used for application administration.

Outdated and vulnerable off-the-shelf software accounted for 10 percent of intrusions, but Web application vulnerabilities like SQL injection, directory traversal, remote file inclusion and file upload flaws, were also important factors.

The Trustwave report also contains statistics about the results of application vulnerability assessments performed by the company, which were separate from the data breach investigations.

Ninety-six percent of all applications that Trustwave scanned contained at least one serious security vulnerability, Yeo said. Large organizations will have hundreds of Web applications in their environments and it's important that those are ranked from a criticality perspective and that the most critical ones undergo regular security testing, he said.

 

Previous Page  1  2 

Sign up for Computerworld eNewsletters.