Weak passwords were responsible for 31% of intrusions investigated in 2013
Study: 2014 Trustwave Global Security Report
Date: May 2014
Popular methods of intrusion for the 2013 breaches investigated by Trustwave:
* - Includes passwords from VPN, SSH, remote desktop, application administration, etc. ** - Insufficient evidence to determine the mechanism of intrusion (due to poor logging practices or an attacker adept at covering their tracks) *** - Includes unpatched software and zero day attacks
Date: May 2014
Popular methods of intrusion for the 2013 breaches investigated by Trustwave:
 | Weak passwords* |
| Unknown** |
| File upload flaw |
| Vulnerable off-the-shelf software*** |
| SQL injection |
| Phishing |
| Authorization flaw |
| Remote file inclusion, physical access, or directory traversal |
* - Includes passwords from VPN, SSH, remote desktop, application administration, etc. ** - Insufficient evidence to determine the mechanism of intrusion (due to poor logging practices or an attacker adept at covering their tracks) *** - Includes unpatched software and zero day attacks