Season 2: Episode 1 - Methods, Easy Targets, and Breach Data

00:00:00
/
00:21:30

October 14th, 2019

21 mins 30 secs

Season 2

Your Hosts

About this Episode

Sara begins by unpacking what’s changed in this year’s research, covering changes in personnel, data sources, and research scope. The team then turns to the first significant finding of the new research series: the discovery of widespread, unsophisticated reconnaissance campaigns targeting PHP. While systems running PHP were a major target last year as well, the proportion of opportunistic traffic looking for old, unprotected PHP vulnerabilities was even higher this year. After that they dive into one of their major data sources, the breach notifications published by individual U.S. states. One of the findings from the breach disclosures was a strong relationship between victims’ industries and the attack methods. Ray, Sara, and Sander look at why that is, and what it means for defenders.