This was from an article published on Dark Reading recently.  It was from a survey of 300 IT professionals, conducted by PhoneFactor, an authentication tool vendor.

They were asking IT professionals if they would be willing to bet any of their own money that their networks would not be breached in the next 12 months.  57.7 percent refused to take the bet, opting for $0.

More than two-thirds (70.3 percent) of the respondents were only somewhat confident or not at all confident that an unauthorized person could not gain access to their networks.

Only one quarter (25.7 percent) were very confident that they would know that their networks had been infiltrated.

When asked if an expert hacker could gain access to their networks, 84.4 percent thought it was at least possible, and 23.1 percent said that an expert hacker could definitely gain access to their corporate networks.

 

Top reasons given:

  • The networks may be vulnerable to malware (55.4 percent)
  • Use of personal devices to access company resources (45 percent)
  • Sheer volume of attacks (35.2 percent)
  • Widespread use of remote network access (32.6 percent)

 

HALOCK is headquartered in Schaumburg, IL, in the Chicago area and advises clients on information security and conducts pen test services throughout the US.

 
