Rapid7
CYBERSECURITY
Rapid7
: Security Framework
54
CLICK TO WATCH | 3:19
On the former , it was revealed that organisations continue to host vulnerable , internet-exposed systems . Rapid7 also found the levelling off of EternalBlue exploit attempts in its project Heisenberg honeynet , and revealed that the overall population of vulnerable services holds steady , therefore holding the attention of attackers . In detection telemetry – and as Beardsley already has mentioned – attackers continue to favour phishing attacks , as well as malware and malicious documents ; valid user accounts remain the preferred method for breaching an environment .
“ A lot of what we found , we predicted ,” he explains . “ For example , that companies continue to build and deploy straight up , vulnerable systems and then put them on the internet . So , things like Windows machines with SMBs – Windows ’ ‘ everything ’ protocol for file sharing , administration , authorisation , printing … everything – just exposed to the internet . That ’ s pretty shocking , it was probably the most visceral reaction I had to the data .”
JUNE 2020