Bugcrowd reports increase in critical vulnerabilities found in 2021

A new Bugcrowd report has revealed significant increases in the number of critical vulnerabilities reported in 2021. 

The company’s 2022 Priority One report covers a variety of security trends over the last year. The report said their platform experienced a 185% increase in the last 12 months for Priority One (P1) submissions with financial services companies. Bugcrowd said P1 submissions involve vulnerabilities that cause a privilege escalation from unprivileged to admin or allow for remote code execution, financial theft, and more. Overall, P1 vulnerabilities increased 186% in 2021. 

Bugcrowd founder Casey Ellis added that the global shift to remote work prompted organizations to put more assets online. That led to more investment in ethical hackers, and Bugcrowd saw that 24% of all valid submissions for the year involved P1 and P2 threats. P2 threats are vulnerabilities that affect the security of software and impact the processes it supports.

Ellis noted that nation-state hackers have also become far more brazen and less concerned about stealth, using attacks on known vulnerabilities far more frequently in 2021. 

“Significantly, we’ve seen a democratization of such threats due to an emerging ransomware economy and a continued blurring of lines between state actors and e-Crime organizations,” Ellis said. “All of

Read More: https://www.zdnet.com/article/bugcrowd-reports-increase-in-critical-vulnerabilities-found-in-financial-sector-for-2021/#ftag=RSSbaffb68