Companies most at risk from CSP Bypass Vulnerability in Google Chrome, and Discord Account Stealing attacks in 2020
Cymulate, the only SaaS-based Continuous Security Validation platform to operationalize the MITRE ATT&CK framework end-to-end, announced a summary of its platform usage in 2020, illustrating the dramatic influence of the global pandemic on the security landscape.
- A significant uplift in awareness of phishing attacks across all industries as employees improved their high-risk score from 66.3 in 2019 to a new low of 18.1 in 2020 (on a scale of 0-100).
- Overall unique threats in the wild increased two folds from 389 in 2019 to 600 unique threats in 2020.
- The healthcare industry remains most at risk, particularly through web gateways, and phishing is still a high-risk vector in this sector.
- The financial sector is the most proactive and concerned with cyber threats, running 39% of the total assessments performed, and the technology sector is the second most security conscious.
Recommended AI News: Crayon US Gains Microsoft Modern Workplace Unit from Strategic Partner
Top threats that companies were most at risk from include a CSP Bypass Vulnerability in Google Chrome, AnarchyGrabber Discord malware, Jigsaw ransomware dropped by Lokibot, malware authors tricking Apple into trusting malicious Shlayer apps and Doki infecting Docker servers in the cloud.
“Cybercrime is an established industry driven by innovation to find vulnerabilities that can be monetized. The high-risk threats from the report are those that had the highest impact which is one of the metrics used in calculating risk. Looking forward, we see that state-sponsored cybercrime is leading the way with immense resources and talent. In 2021 we expect more attacks to leverage supply chain techniques that make use of the tools and tactics discovered in the SolarWinds breach,” said Avihai Ben-Yossef, co-founder and CTO at Cymulate.
Recommended AI News: Mindlance acquires Quintrix to expand its Workforce Solutions Offerings
“The threat landscape does not stand still, and regular weekly or daily assessments play a critical role in addressing practically daily threat evolutions and a company’s resilience to new immediate threats,” said Eyal Wachsman, CEO and co-founder of Cymulate. “In 2020 we saw more concern for, and lack of security for MAC threats compared to the previous year alongside COVID-themed threats. We anticipate 2021 to see an even greater increase in both these areas as people remain working from home.”
Recommended AI News: TCP Launches Demand-Driven Scheduling Solution Built by Humanity