IT disaster recovery, cloud computing and information security news

Report highlights 185 percent increase in high-risk vulnerabilities within the financial sector

Bugcrowd has released its 2022 Priority One report to spotlight the key cyber security trends of the past year. The report reveals that financial services companies on Bugcrowd’s platform saw a 185 percent increase over the last 12 months in Priority One (P1) submissions, the category covering the most critical vulnerabilities.

According to activity recorded on the Bugcrowd Security Knowledge Platform, high-level trends included an increase in ransomware and the reimagining of supply chains, leading to more complex attack surfaces during the pandemic. Ransomware overtook personal data breaches as the threat that dominated cyber security news across the world in 2021. Global lockdowns and remote work caused a rush to put more assets online, which led to an increase in vulnerabilities. In turn, security buyers invested heavily to incentivise ethical hackers to find critical threats, causing P1 and P2 bugs to make up 24 percent of all valid submissions for the year.

In the past, advanced persistent threats (APTs) were defined by highly advanced tactics and clandestine operations, but this approach started to shift in 2021 toward more commonplace tactics such as so-called N-day exploits, which are attacks on known vulnerabilities. Diplomatic norms around hacking have weakened to the point where nation-state attackers are now less concerned with being stealthy than in the past.

Other top highlights from the 2022 Priority One Report include:

  • Cross-site scripting was the most commonly identified vulnerability type
  • Sensitive data exposure moved up to #3 from #9 on the list of top 10 most commonly identified vulnerability types
  • Ransomware went mainstream, and governments responded
  • Supply chains became a primary attack surface
  • Penetration testing entered a renaissance
