Vulnerability Assessments
Common Vulnerabilities Found During Vulnerability Assessments
Misconfigured Systems
This category covers a range of common configuration errors, including: Running unnecessary services on systems. Failing to change insecure default settings during setup. Lacking strong access controls on resources. Using outdated firmware on devices.
Outdated
Software
Outdated software can expose critical vulnerabilities that are often well-documented and easily exploitable, making this a high-severity issue due to the potential for unauthorized access and system control.
Weak
Protocols
Weak encryption and certificate issues can lead to man-in-the-middle attacks and data interception. Given the potential for data breaches, this is a high-severity concern.
DNS Misconfiguration
Problems like DNS zone transfers or insecure subdomains can lead to traffic interception or redirection, phishing attacks, and spreading malware, which can be quite severe depending on the domain’s role.
Open
Ports
Unnecessary open ports can expose services to the internet, creating entry points for attackers. The severity depends on what services are exposed and how critical they are.
Suspicious Applications
Non-credentialed scans often detect services or applications that are unexpected or unauthorized. These findings could be indicators of security compromises such as malware infections or unauthorized access.
Packages
Real World Cyber Attacks
Company: Clorox
Attack type: Unknown, but has indications of ransomware
Location: North America
Year: 2023
Cost: $356 million USD
- Service Information
- Available Online
Protect Your Business Today – Book Your Free Cybersecurity Consultatio...
30 min
FreeFree