Skip to content
July 9, 2026
  • Linkedin
  • Twitter
  • Facebook
  • Youtube

Daily CyberSecurity

Zero-hour alerts. Unmatched analysis.

Primary Menu
  • Home
  • CVE Watchtower
  • Cyber Criminals
  • Data Leak
  • Linux
  • Malware
  • Vulnerability
  • Submit Press Release
  • Vulnerability Report
Light/Dark Button
  • Home
  • News
  • Malware
  • Verizon Releases “2018 Data Breach Investigations Report”: Ransomware Has Become the Most PrevalentMalware
  • Malware

Verizon Releases “2018 Data Breach Investigations Report”: Ransomware Has Become the Most PrevalentMalware

Do Son April 12, 2018 4 minutes read
Add Daily CyberSecurity as a preferred source on Google

According to threatpost reports, U.S. telecommunications giant Verizon said in its 2018 Data Leakage Investigation Report (DBIR) on Tuesday that the number of ransomware attacks has doubled in the past year and become the most popular malware. It’s because hacking organizations want to pay ransoms by locking down key business systems and thus gain huge benefits.

Bryan Sartin, Verizon Executive Director of Security Professional Services, said in a statement: “[Ransomware] is now the most prevalent form of malware, and its use has increased significantly over recent years. What is interesting to us is that businesses are still not investing in appropriate security strategies to combat ransomware, meaning they end up with no option but to pay the ransom – the cybercriminal is the only winner here.”

After analyzing more than 53,000 security incidents (including 2,215 violations), Verizon said that ransomware attacks represent 39% of specific malware incidents.

One of the trends in the promotion of ransomware attacks is the ability to target critical business systems (non-desktops) that may cause more damage to the company, and it is likely that hacking organizations will attempt to use it as a target of extortion to gain more benefits. Over time, asset classes in ransomware incidents have moved from user devices to servers. Verizon says this is because hackers realize that encrypting file servers or databases is more destructive than a single user’s device.

Verizon said that horizontal movements and other threat activities are often involved in other systems that can be used for infection and occlusion. These ransomware attacks are attractive to hacking organizations because hackers themselves barely need to bear any risks or costs, and they also do not need to breach confidentiality terms to achieve their goals.

Verizon stated in his report that many hackers currently consider money as their top priority. According to the survey, 76% of all violations are financially motivated.

For example, the most prominent examples of ransomware in 2017 were the WannaCry and NotPetya attacks in May. WannaCry ransomware infects more than 300,000 systems in 150 countries and requires a $300 ransom to decrypt the key. At the same time, NotPetya encrypted the master boot record and requested Bitcoin as the main form of the ransom payment.

In October, BadRabbit, another ransomware activity, shook the security industry. This event-related to Russia’s Telebots was launched using malware on websites in Russia, Ukraine, and Eastern Europe. In this incident, the attackers aimed at the infrastructure (not just the desktop system) and caused great damage, of which Ukraine suffered the greatest damage to key network assets and infrastructure.

Recently, in March 2018, the city of Atlanta became the target of ransomware attacks. The incident affected several departments and smashed government websites that process payments and pass on court information. Subsequently, Atlanta City was asked to pay $51,000 in exchange for a key to decrypt the system.

To mitigate the possibility of ransomware attacks, Verizon recommends in its report that users should ensure that they have regular backups, segregate those assets that are important, and prioritize business continuity.

Verizon found that, overall, hackers, malware, and social attacks (such as phishing) were the top security breaches in the past year.

In addition, Distributed Denial of Service (DDoS) attacks is another major threat highlighted by the Verizon 2018 report. Verizon said: “DDoS attacks can impact anyone and are often used as camouflage, often being started, stopped and restarted to hide other breaches in progress.”

Currently, most cybercriminals are economically motivated. Therefore, it is not surprising that they attacked the financial, insurance, and retail industries. Sean Newman, director of product management at Corero Network Security, believes that DDoS technology that detects and automatically mitigates attacks in real time is an essential requirement for online companies that want 100% uptime.

Source: threatpost

Get Zero-Hour Vulnerability Alerts

Critical CVEs, CVSS scores, and PoC updates — straight to your inbox every week.


We respect your inbox. Unsubscribe anytime.

Related coverage

  • Operation Peek-A-Baku: Silent Lynx APT Exploits LNK Flaws to Deploy Reverse Shells via GitHub Against Central Asian Diplomacy
  • Inside the BRUSHWORM Malware Campaign Bridging Air-Gaps with USB “Sleeper” Cells
  • Cyber Alert: Bumblebee Malware Targets US Organizations
  • Fake AI Ad Tool “Madgicx Plus” Hijacks Meta Advertiser Accounts
  • Threat Alert: Kryptina Ransomware Targets Linux Systems

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee Logo Buy Me a Coffee PayPal
Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Share this article:

Facebook Post LinkedIn Telegram
Written by
@DdoS · Security Researcher

Do Son

Do Son is the Founder and Editor of SecurityOnline.info. Working in cybersecurity since 2013, he reports on vulnerabilities, malware, and emerging threats, providing timely analysis to help organizations and individuals stay ahead of evolving risks.

Tags: Data Breach Investigations

Search

Translation

CVE WATCHTOWER
🚨

Receive alerts for vulnerabilities being exploited in the wild.

⚡

Get notified instantly when a Proof of Concept (PoC) exploit is published.

🔍

Access critical info on vulnerabilities even when marked as "RESERVED".

🧠

Insights powered by decades of expertise and global intelligence sources.

🎯

Customize alerts with up to 10 keywords for your specific tech stack.

📊

Export the raw CVE database for SIEM integration and reporting.

Upgrade Package

🚨 Active Exploits in the Wild

  • CVE-2026-55255CVSS 8.4
    Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-48908
    A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-56290
    The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable...
    CISA KEV📅 Added to KEV: Jul 7, 2026
  • CVE-2026-20896CVSS 9.8
    Gitea Docker image: `REVERSE_PROXY_TRUSTED_PROXIES = *` default lets any source IP impersonate any user via `X-WEBAUTH-USER`
    Admin intel📅 Updated: Jul 6, 2026
  • CVE-2026-48282CVSS 10.0
    ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted...
    Admin intelCISA KEV📅 Added to KEV: Jul 7, 2026📅 Updated: Jul 3, 2026
  • CVE-2024-14037CVSS 9.8
    Redsea Cloud eHR contains an arbitrary file upload vulnerability that allows unauthenticated attackers to achieve remote code execution...
    Admin intel📅 Updated: Jul 3, 2026
  • CVE-2026-8451CVSS 8.8
    Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured...
    Admin intel📅 Updated: Jul 2, 2026
  • CVE-2026-8037CVSS 9.6
    OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to...
    Admin intel📅 Updated: Jul 1, 2026
Powered by CVE Watchtower

🔴 Live Critical Threats

  • CVE-2026-5955CVSS 9.8
    Improper neutralization of special elements used in an SQL command ('SQL injection')...
  • CVE-2026-2342CVSS 9.3
    Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in...
  • CVE-2026-15158CVSS 9.8
    The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload...
  • CVE-2026-14245CVSS 9.8
    The miniOrange OTP Login, Verification and SMS Notifications plugin for WordPress is...
  • CVE-2026-47646CVSS 9.3
    Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics...
  • CVE-2026-54782CVSS 10.0
    CoreWCF is a port of the service side of Windows Communication Foundation...
  • CVE-2026-15113CVSS 9.6
    Use after free in Autofill in Google Chrome on Android prior to...
  • CVE-2026-44024CVSS 9.8
    Fluentd collects events from various data sources and writes them to files,...
  • CVE-2026-53649CVSS 9.6
    # Unauthenticated Cross-Origin Plugin Upload Leads to RCE (Joro ≤ v1.1.0) **Severity:**...
  • CVE-2026-52831CVSS 10.0
    ## Summary Nuclio controller builds a `curl` invocation string for each cron...
Powered by CVE WATCHTOWER

Our Websites
  • Penetration Testing Tools
  • The Daily Information Technology
  • Daily CyberSecurity

    • About SecurityOnline.info
    • Advertise with us
    • Announcement
    • Contact
    • Contributor Register
    • Login
    • About SecurityOnline.info
    • Advertise on SecurityOnline.info
    • Contact Us

    When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works

    • Disclaimer
    • Privacy Policy
    • DMCA NOTICE
    • Linkedin
    • Twitter
    • Facebook
    • Youtube
    © 2017 - 2026 Daily CyberSecurity. All Rights Reserved.