Risk management focus shifts from external to internal exposure

Coalfire released its fourth annual Securealities Penetration Risk Report which analyzes enterprise and cloud service providers (CSPs) internal and external attack vectors, application development and mobile app security, social engineering and phishing, and PCI- and FedRAMP-specific findings, with data segmented by industry and company size. The report reflects the results of more than 3,100 penetration […]

Continue Reading

The impact of exploitable misconfigurations on network security

Network professionals feel confident with their security and compliance practices but data suggests that they also leave their organizations open to risk, which is costing a significant amount of revenue, according to Titania. In addition, some businesses are not minimizing their attack surface effectively. Companies are prioritizing firewall security and chronicle a fast time to […]

Continue Reading

The most common exploit paths enterprises leave open for attackers

Exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takover, exposed Amazon S3 buckets, and Microsoft Exchange Server servers vulnerable to CVE-2021-42321 exploitation are the most common exploit paths medium to large enterprises left open for attackers in Q1 2022, according to Mandiant. Opening doors for attackers The firm has […]

Continue Reading

The perils of SaaS misconfigurations

The Cloud Security Alliance (CSA) released the findings of an Adaptive Shield survey, offering insight into the industry’s knowledge, attitudes, and opinions regarding SaaS security and related misconfigurations. “Many recent breaches and data leaks have been tied back to misconfigurations. Whereas most research related to misconfigurations has focused strictly on the IaaS layers and entirely […]

Continue Reading

Exposed records exceeded 40 billion in 2021

According to a research by Tenable, at least 40,417,167,937 records were exposed worldwide in 2021, calculated by the analysis of 1,825 breach data incidents publicly disclosed between November 2020 and October 2021. This is a considerable increase on the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records […]

Continue Reading

How likely are mid-market organizations to experience a breach by the end of 2021?

Coro released an extensive cybersecurity research report revealing a true market failure: a severe lack of preparedness of the mid-market sector, which is comprised of companies with between 100 and 1,500 employees, to defend against an expanding array of cyber attacks. Pandemic-induced digital transformation, including remote work, proliferation of devices, and increased cloud application usage, […]

Continue Reading