Unit 42 analyzed several petabytes of public internet data collected by Cortex Xpanse — the Palo Alto Networks attack surface management solution — in 2022 and 2023. This report outlines aggregate statistics about how attack surfaces worldwide are changing and drills down into particular risks that are most relevant to the market. Today’s attackers have the ability to scan the entire IPv4 address space for vulnerable targets in minutes.

Using RiskRecon’s telemetry of the public risk surface of thousands of organizations, this report takes a look at services which are commonly viewed as unsafe. The prevalence and co-occurrence of these services is used as a indicator of other hygiene and risk indicators at firms.

In 2016, Rapid7 Labs launched the National Exposure Index in order to get a measurable, quantitative answer to a fairly fundamental question: What is the nature of internet exposure—services that either do not offer modern cryptographic protection, or are otherwise unsuitable to offer on the increasingly hostile internet—and where, physically, are these exposed services located? Now in our third year, we continue this ongoing investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the continuing changes involving these exposed services. We’ve also added a third dimension for exposure, “amplification potential,” in the wake of the disastrous memcached exposure uncovered in 2018.

Microsoft has come across an evolution of PLATINUM’s file-transfer tool, one that uses the Intel® Active Management Technology (AMT) Serial-over-LAN (SOL) channel for communication. This channel works independently of the operating system (OS), rendering any communication over it invisible to firewall and network monitoring applications running on the host device. Until this incident, no malware had been discovered misusing the AMT SOL feature for communication.

The purpose of this document is to provide answers to what to look for when choosing a security tool for remote access to internal applications.

The term “exposure” can mean many things. In the context of this report, they define “exposure” as offering services that either expose potentially sensitive data over cleartext channels or are widely recognized to be unwise to make available on the internet, such as database systems. They looked for the presence of 30 of the most prevalent TCP services across the internet, tallied up the results and performed cross-country comparisons to produce a National Exposure Index, a ranked aggregation of the results of Rapid7’s internet-wide scans of 16 usually cleartext or highly targeted common services, based on the in-country prevalence of those services.

With unique and specialized analysis, this paper discusses Nigerian cyber crime actors, their growth, collaboration, and the direction they are headed.

From The Report, “This year, we continue this investigation into the risk of passive eavesdropping and active attack on the internet, and offer insight into the year-over-year changes involving these exposed services.”

Learn easy and effective ways for IT pros to manage help desk tickets and simplify the job of supporting end-users.

A Bulleton recapping headlines and stores in the Global Insurance and Regulatory industry.

This report discusses two key topics: 1) An Intel Security survey that found that awareness was very high and, 97% of those interviewed, said that sharing cyber intelligence was valuable and 2) They explore the Adwind Java-based Trojan. It also includes the usual key points about predictions and threat summaries.