Verizon’s annual report into data breaches has triggered an avalanche of criticism that the company made critical errors when studying the most frequently exploited software vulnerabilities. Experts say the list of vulnerabilities could mislead administrators into devoting remediation efforts toward long-known flaws that don’t reflect the real attack landscape. The U.S. Computer Emergency Readiness Team published a list of the 30 most commonly exploited vulnerabilities just three days after Verizon’s report. Verizon didn’t directly address the controversy, saying “we welcome and are open to feedback””]
Source: https://www.cuinfosecurity.com/verizon-breach-report-criticized-a-9094