ATTACK SURFACE STATUS - WEEK 23

Posted by Reposify on Jun 11, 2020 4:39:11 AM
Reposify
Find me on:

Millions of sensitive assets are left exposed to the internet every day, leaving organizations' attack surfaces vulnerable to various risks which could results in a breach.  Every week we are sharing fresh data, from Reposify's Attack Surface platform, on the most common exposures, CVEs and the Weekly Patch!

ATTACK SURFACE STATUS

June 2nd - June 9th

WEEKLY EXPOSURES BY ASSET CATEGORY

This week Reposify discovered 35.2 million new exposed assets.

Among them are 1.97 million  exposed Storage & Back platforms and 1.6 million exposed Databases.

week 23 overview 1

 

WEEKLY SPOTLIGHT - NETWORK ASSETS

  • 12.1% of the network assets discovered have critical security issues associated with them
  • The top exposed platforms in this category are Memcached, Ntp, AWS Elastic Load Balancer and FortiGate
  • The memcached service should not be exposed to the internet. Misconfigured servers that externally expose the memcached service are vulnerable to amplified Distributed Denial of Service (DDoS) attacks. Misconfigured servers may also expose sensitive or critical data to attackers. We strongly recommend to place the Memcached behind a VPN.

 

network assets deep dive week 23

THE WEEKLY PATCH

CVE-2013-5211 is currently affecting 5.8K NTP related services worldwide.

Mitigate this risk by  updating the ntp to version 4.2.7 or above.

In cases where it is not possible to upgrade the version of the service, it is possible to disable the monitor functionality in earlier versions of the software. To disable “monlist” functionality on a public-facing NTP server that cannot be updated to 4.2.7, add the “noquery” directive to the “restrict default” line in the system’s ntp.conf, as shown below:

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

 


SIGN UP FOR THE ATTACK SURFACE DIGEST

Get fresh data on common exposure, related CVEs & the weekly patch.

 Pure insight, delivered to your Inbox!

 

SIGN UP

 

Topics: "Remote Access", "Exposed RDP", "Attack Surface Management", "Security Risk Assessment", "Shadow IT", "CVE"