Unit 42 warns: Your attack surface is visible to hackers

August 15, 2024
1 min read






Article Summary

TLDR:

Unit 42 warns enterprises about the increased vulnerabilities in network and IT infrastructure due to the rapid growth of new services, often added without central IT security oversight. The Attack Surface Threat Report reveals that new and updated services account for nearly 32% of high or critical cloud exposures, with IT and networking infrastructure being the main source of high-risk exposures.

Summary:

Palo Alto Networks’ Unit 42 security research group has highlighted the challenges faced by organizations in protecting enterprise cloud-based resources. Here are the key elements of the article:

  • The average organization adds or updates around 300 services monthly, posing a challenge to security teams.
  • Industries like telecommunications, insurance, pharma, and life sciences add over 1,000 new services each month, while financial services, healthcare, and manufacturing industries add over 200 monthly.
  • The rapid growth of new services often occurs without central IT security oversight, leading to misconfigurations and exposures.
  • Unit 42’s Attack Surface Threat Report measured threats across 265 organizations worldwide, revealing that new and updated services account for a significant portion of high-risk cloud exposures.
  • Common exposure points include remote access services, unpatched/misconfigured systems, weak cryptography, and vulnerabilities in IoT devices.
  • Recommendations for organizations include continuous scanning of ports, services, and devices, addressing critical vulnerabilities promptly, distinguishing between expected and unknown assets, and utilizing automation capabilities for remediation processes.

Overall, the report emphasizes the importance of identifying and mitigating vulnerabilities in an organization’s attack surface to reduce the risk of cyberattacks and data breaches.


Latest from Blog

Top 20 Linux Admin Tools for 2024

TLDR: Top Linux Admin Tools in 2024 Key points: Linux admin tools streamline system configurations, performance monitoring, and security management. Popular Linux admin tools include Webmin, Puppet, Zabbix, Nagios, and Ansible. Summary

Bogus job tempts aerospace, energy workers

TLDR: A North Korean cyberespionage group is posing as job recruiters to target employees in aerospace and energy sectors. Mandiant reports that the group uses fake job descriptions stored in malicious archives