17 September 19, 15:00
(This post was last modified: 17 September 19, 15:04 by silversurfer.)
Quote:The vast majority of vulnerabilities in ports are found in just three, making it theoretically easier for organizations to defend them against attack, according to Alert Logic.
The security vendor analyzed 1.3 petabytes of security data, over 2.8 billion IDS events, 8.2 million verified incidents, and common vulnerabilities for more than 700 SMB customers, in order to compile its Critical Watch Report for 2019.
It claimed that 65% of vulnerabilities it found in Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are linked to SSH (22/TCP), HTTPS (443/TCP) and HTTP (80/TCP).
RDP/TCP comes in fourth place, which is no surprise as it has already been patched several times by Microsoft, including one for the Bluekeep bug which Redmond warned could provide attackers with WannaCry-like “wormable” capabilities.
The number of vulnerabilities in a port is a good indication of its popularity and it’s no surprise that the top three ports for flaws are also ones exposed to the public-facing internet, Alert Logic said.
However, the findings may provide useful intel for security teams in smaller companies to help them reduce their attack surface quickly and easily.
“As basic guidance, security across all network ports should include defense-in-depth. Ports that are not in use should be closed and organizations should install a firewall on every host as well as monitor and filter port traffic,” the report advised.
Read more here: https://www.infosecurity-magazine.com/ne...ities-are/