Top threats that most companies were at risk from in 2021 include LockBit, Conti and Dharma ransomware, HAFNIUM, TeamTNT, and APT29 with Log4j abuse, Reg XX and escalation of privileges via Active Directory flaws expected to continue in 2022.
The full report can be accessed here.
While the majority of companies are at medium risk of attacks, the technology sector is the most vulnerable followed by critical infrastructure and manufacturing. Risks to the technology industry increased dramatically in 2021 from 2020 with a rise in spear-phishing attacks attempting to gain a foothold. The weakest link however remained Web Application Firewall and phishing awareness. While the critical infrastructure sector's most problematic area is data exfiltration, i.e. the unauthorized movement of data or data theft.
Read more in this article for VM Blog: