Trustwave, an information security provider, has published it's 2015 Trustwave Global Security Report, gathering data from 574 breach investigations by the Trustwave SpiderLabs team across 15 countries (the Report).

The key findings of the Report were:

  • Attackers receive an estimated 1,425% return on investment for exploit kit and ransomware schemes;
  • 8% of applications tested by Trustwave in 2014 had at least one vulnerability. The maximum number of vulnerabilities Trustwave experts found in a single application was 747;
  • "Password1" is still the most commonly used password;
  • Half of the compromises Trustwave investigated occurred in the United States;
  • Retail was the most compromised industry making up 43% of Trustwave's investigations followed by food and beverage (13%) and hospitality (12%);
  • 42% of investigations were of e-commerce breaches. 40% were of point-of-sale (POS) breaches;
  • In 31% of cases Trustwave investigators found attackers targeted payment card track data;
  • 81% did not detect breaches themselves;
  • Weak remote access security and weak passwords tied as the vulnerability most exploited by criminals in 2014;
  • Spam volume continues to decrease making up 60% of total inbound mail but 6% of it included a malicious attachment or link, a slight increase from 2013.

To read a full copy of the Report, please click here.