{"id":419,"date":"2016-05-03T16:32:21","date_gmt":"2016-05-03T20:32:21","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=419"},"modified":"2018-02-23T11:33:33","modified_gmt":"2018-02-23T15:33:33","slug":"trustwave-2016-global-security-report","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/","title":{"rendered":"New Global Security Report Highlights Rise Of Malware-as-a-Service"},"content":{"rendered":"<p style=\"text-align: justify\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-420\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg\" alt=\"Trustwave_Global_Security_Report\" width=\"760\" height=\"349\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg 760w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report-300x138.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report-588x270-2.jpg 588w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report-176x81-1.jpg 176w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report-392x180.jpg 392w\" sizes=\"(max-width: 760px) 100vw, 760px\" \/>Trustwave<span style=\"font-size: xx-small\"><span style=\"line-height: 0px\">\u00a0<\/span><\/span>recently released the\u00a0<a href=\"https:\/\/www2.trustwave.com\/GSR2016.html?utm_medium=web&amp;utm_source=pressrelease&amp;utm_campaign=2016GSR\" rel=\"nofollow\">2016 Trustwave Global Security Report<\/a> which reveals the top cybercrime, data breach and security threat trends from 2015. The report reveals how criminals make use of malware-as-a-service, which data they target, the most common attack methods, how long it takes for businesses to detect and contain data breaches, what types of businesses criminals targeted, and where the majority of victims were located. It also reveals the most commonly used exploits, most prevalent malware families and more.<\/p>\n<p style=\"text-align: justify\">To create the report, Trustwave experts gathered real-world data from hundreds of breach investigations the company conducted in 2015 across 17 countries.\u00a0This data was added to billions of security and compliance events logged each day across the global network of Trustwave Security Operations Centers, evaluation of tens of billions of email messages, analysis of tens of millions of web transactions, thousands of web application security scans and penetration tests, telemetry from security technologies distributed across the globe and industry-leading security research.<\/p>\n<p style=\"text-align: justify\">Key highlights from the 2016 Trustwave Global Security Report include:<\/p>\n<ul style=\"text-align: justify\">\n<li><strong>Weak application security:<\/strong>\u00a097 percent of applications tested by Trustwave in 2015 had at least one\u00a0vulnerability. 10% of the vulnerabilities discovered were rated as\u00a0critical or high risk. The median number of vulnerabilities discovered per\u00a0application by the Trustwave Managed Security Testing service was 14.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Where security incidents occur:<\/strong>\u00a035 percent of data breach investigations conducted by Trustwave occurred in\u00a0North America, 21 percent were in the Asia-Pacific Region, 12 percent were\u00a0in Europe, the Middle East and Africa, and 10 percent were in Latin America and the Caribbean.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Who criminals target:<\/strong>\u00a0Retail was the most compromised industry, making up 23 percent of Trustwave\u00a0investigations, followed by hospitality at 14 percent and food and beverage at 10 percent.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Shift in compromised environments:<\/strong>\u00a0Compromises\u00a0affecting corporate and internal networks increased to 40 percent in 2015,\u00a0up from 18 percent in 2014. 38 percent of investigations were of e-commerce\u00a0breaches, compared to 42 percent in 2014. Twenty-two percent were of point-of-sale (POS) breaches. POS compromises decreased eighteen percentage points from 2014 to 2015, making up 40 percent of Trustwave investigations in 2014 and 33 percent in 2013.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Magento is a target:<\/strong>\u00a085% of compromised e-commerce systems used the Magento open-source platform. At\u00a0least five critical Magento vulnerabilities were identified in 2015, and\u00a0most of the affected systems were not fully updated with security patches.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Data most targeted:<\/strong>\u00a0In 60% of investigations, attackers were after payment card data, split about evenly between card track (magnetic stripe) data (31 percent of incidents), which came mainly from POS environments, and card-not-present (CNP) data (29 percent), which mostly came from e-commerce transactions.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Self-detection of breaches:<\/strong>\u00a0The\u00a0majority of victims, 59 percent, did not detect breaches themselves. The report reveals that self-detection leads to quicker containment of a breach. Self-detection increased from 19% in 2014 to 41% in 2015. In 2015, for self-detected breaches, a median of 15 days elapsed from intrusion to\u00a0containment. For breaches detected by an external party, a median of 168\u00a0days elapsed from intrusion to containment.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Malvertising goes mainstream: <\/strong>The Trustwave analysis of the RIG exploit kit, the most prominent exploit kit of 2014 and the third most prominent in 2015, shows that\u00a0approximately 90 percent of traffic to the kit originates from malicious advertisements. Even some of the largest ad networks have been misused by attackers to spread malware to unsuspecting users visiting popular\u00a0websites.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>The Year of Angler<\/strong>: Angler, the most prevalent exploit kit of 2015, accounted for 40 percent of\u00a0exploit kit-related incidents we observed, more than twice as many as the next most prevalent kit, Nuclear. Angler was also the first exploit kit to\u00a0integrate several newly disclosed exploits, including four zero-day\u00a0exploits and seven &#8220;one-day&#8221; exploits, which target vulnerabilities for which patches have been released but have not yet been widely distributed.<\/li>\n<\/ul>\n<ul style=\"text-align: justify\">\n<li><strong>Shifting spam\u00a0subjects:<\/strong>\u00a0In 2014, pharmaceutical product spam made up almost three-fourths of the\u00a0spam messages Trustwave analyzed. In 2015, that portion dropped\u00a0dramatically, to 39 percent, which was still enough to make it the largest\u00a0share of any category. Spam related to online dating sites and adult products made a combined five-fold leap from 6% in 2014 to 30% in 2015. Five\u00a0percent of overall spam included a malicious attachment or link, a 1 point decrease from 2014.<\/li>\n<\/ul>\n<p style=\"text-align: justify\">&#8220;Cybercriminals have been congregating and organizing for years, but 2015 showed a marked increase in the behavior we would normally associate with legitimate businesses,&#8221; said Trustwave Chief Executive Officer and President Robert J. McCullen. &#8220;Based on the study of numerous security incidents, exploit kits and malvertising campaigns, our 2016 Trustwave Global Security Report shows businesses how and where these sophisticated criminal organizations are most likely to attack, and more importantly, how to defend their assets.&#8221;<\/p>\n<br \/>Widget not in any sidebars<br \/>\n<br \/>Widget not in any sidebars<br \/>\n","protected":false},"excerpt":{"rendered":"<p>Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015. The report reveals how criminals make use of malware-as-a-service, which data they target, the most common attack methods, how long it takes for businesses to detect and contain data breaches, what types of businesses criminals [&hellip;]<\/p>\n","protected":false},"author":24,"featured_media":420,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[204,205,206,41,203],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>New Global Security Report Highlights Rise Of Malware-as-a-Service<\/title>\n<meta name=\"description\" content=\"Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"New Global Security Report Highlights Rise Of Malware-as-a-Service\" \/>\n<meta property=\"og:description\" content=\"Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2016-05-03T20:32:21+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-02-23T15:33:33+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"760\" \/>\n\t<meta property=\"og:image:height\" content=\"349\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Jeff Edwards\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeff Edwards\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/\",\"name\":\"New Global Security Report Highlights Rise Of Malware-as-a-Service\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg\",\"datePublished\":\"2016-05-03T20:32:21+00:00\",\"dateModified\":\"2018-02-23T15:33:33+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\"},\"description\":\"Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg\",\"width\":760,\"height\":349},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"New Global Security Report Highlights Rise Of Malware-as-a-Service\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\",\"name\":\"Jeff Edwards\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"caption\":\"Jeff Edwards\"},\"description\":\"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.\",\"sameAs\":[\"https:\/\/solutionsreview.com\",\"https:\/\/x.com\/InfoSec_Review\"],\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jedwards\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"New Global Security Report Highlights Rise Of Malware-as-a-Service","description":"Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/","og_locale":"en_US","og_type":"article","og_title":"New Global Security Report Highlights Rise Of Malware-as-a-Service","og_description":"Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2016-05-03T20:32:21+00:00","article_modified_time":"2018-02-23T15:33:33+00:00","og_image":[{"width":760,"height":349,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg","type":"image\/jpeg"}],"author":"Jeff Edwards","twitter_misc":{"Written by":"Jeff Edwards","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/","name":"New Global Security Report Highlights Rise Of Malware-as-a-Service","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg","datePublished":"2016-05-03T20:32:21+00:00","dateModified":"2018-02-23T15:33:33+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6"},"description":"Trustwave\u00a0recently released the\u00a02016 Trustwave Global Security Report which reveals the top cybercrime, data breach and security threat trends from 2015.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2016\/05\/Trustwave_Global_Security_Report.jpg","width":760,"height":349},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/trustwave-2016-global-security-report\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"New Global Security Report Highlights Rise Of Malware-as-a-Service"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6","name":"Jeff Edwards","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","caption":"Jeff Edwards"},"description":"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.","sameAs":["https:\/\/solutionsreview.com","https:\/\/x.com\/InfoSec_Review"],"url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/jedwards\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/419"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=419"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/419\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/420"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=419"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=419"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=419"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}