An overemphasis on tackling new and emerging security threats may be causing companies to overlook older but far more frequently exploited vulnerabilities, says a recent report.
The report, from TrustWave, is based on an analysis of data gathered from over 1900 penetration tests and over 200 data breach investigations conducted on behalf of clients such as American Express, MasterCard, Discover, Visa and several large retailers.
The analysis showed that major global companies are employing "vulnerability chasers" and searching out the latest vulnerabilities and zero-day threats while overlooking the most common ones, the study said.
As a result, companies continue to be felled by old and supposedly well understood vulnerabilities rather than by newfangled attack tools and methods.
For instance, the top three ways hackers gained initial access to corporate networks in 2009 were via remote access applications, trusted internal network connections and SQL injection attacks, TrustWave found.
All three attack points have been well researched and known about for several years. SQL injection vulnerabilities, for instance, have been known about for at least 10 years, but still continue to be widely prevalent in web-based, database-driven applications, TrustWave said.
The most common vulnerability that TrustWave discovered during its external network penetration tests had to do with the administration interfaces for web application engines such as Websphere and Cold Fusion. In many cases, the administration interfaces were accessible directly from the Internet and had little or no password protection, potentially allowing attackers to deploy their own malicious applications on the web server.
Similarly unprotected network infrastructure components such as routers, switches and VPN concentrators represented the second most common vulnerability unearthed by TrustWave. The tendency of many companies to host internal applications on the same server that also hosts external content was another common vulnerability, as were misconfigured firewall rules, default or easy-to-guess passwords and DNS cache poisoning.
Meanwhile, TrustWave's wireless penetration tests unearthed common weaknesses such as the continued use of WEP encryption, legacy 802.11 networks with minimal to no security controls and wireless clients using public "guest" networks instead of secured private networks.
In almost all of the cases, the most common vulnerabilities unearthed by TrustWave were common, well understood issues that should have been addressed a long time ago, said Nicholas Percoco, senior vice president at TrustWave's SpiderLabs research unit.
"There are basically two themes," Percoco said. "Through our study in 2009 we found some really old vulnerabilities present inside enterprises, some as old as 20 to 30 years." The second theme is that attackers are targeting these old flaws to break into enterprises, and then using increasingly sophisticated tools to harvest data from companies, he said.
In addition to older keystroke logging and packet sniffing tools, malicious attackers are increasingly employing tools such as memory parsers and credentialed malware to steal data, Percoco said. Memory parsers are used to monitor the random access memory associated with a certain process and to extract specific data from it. Credentialed malware programs are a new class of multi-user programs that have typically been used to steal money and payment card numbers from ATMs.
There are several measures companies can take to mitigate the risks posed by older and often overlooked vulnerabilities, TrustWave said. One step is to maintain a complete asset inventory. Many companies are often unaware of all the IT assets they own or of the risks they pose to data, so maintaining an up-to-date list of assets is vital to protecting them, TrustWave said.
Decommissioning older legacy systems as much as possible can also help mitigate the risk. Also, in 80% of the cases that TrustWave looked at, third parties were responsible for introducing vulnerabilities. So monitoring third-party relationships is key, according to the company. Other recommended measures included internal network segmentation, data encryption and stronger Wi-Fi security policies.