Report Reveals Assets Threat Actors May Exploit

Share post:

A report by cybersecurity firm Randori has categorized the most tempting internet-exposed assets that a threat actor is likely to exploit. The report also revealed that one in 15 organizations currently operates a version of SolarWinds that is actively exploited.

In the 2021 Randori Attack Surface Report, researchers assigned each asset a “Temptation Score” – the chances that an attacker will go after it.

The report showed that more than 25% of organizations have exposed RDP to the internet, while 15% of organizations still use outdated versions of IIS 6 that Microsoft has not supported in the last six years. Randori gave IIS 6 a Temptation Score of 37.

Nearly 40% of organizations use Cisco’s Adaptive Security Appliance (ASA) firewall, which has a history of public vulnerabilities and a Temptation Score of 37. Nearly 50% of all organizations use Citrix NetScaler, which has a score of 33 and multiple public exploits.

Both CiscoWeb VPN and Palo Alto Global Protect joined Citrix NetScaler as VPNs, which are listed in the report with the highest Temptation Scores.

Only 3% of organizations still run versions of Microsoft Outlook Web Access. It was one of the highest on the Temptation Score scale with 38.

The SolarWinds issue has been highlighted in the report because it has exposed vulnerabilities, is mission-critical technology for many companies and is widely used.

The researchers were continually surprised to see that simple burglary attacks with little effort still work in successful enterprises. They also found that a high percentage of organizations do not use MFA.

The researchers suggest that security teams frequently change the default settings so that the version number is not publicly disclosed. If companies are unable to patch or update a tool, they should at least hide it.

In addition, security teams must also find ways to reduce their attack surfaces by migrating things offline or disabling unused functionality.

For more information, read the original story in ZDNet.

Featured Tech Jobs


Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways