Personnel the Common Cause of Exploits
Posted by: Timothy Weaver on 08/23/2016 09:38 AM
[
Comments
]
What are the top five exploits to break into your computer system? Not software vulnerabilities but employee vulnerabilities.
Here are the top five:
Weak domain user passwords (a root cause of compromise in 66 per cent of cases).
Broadcast name resolution poisoning (aka WPAD – 64 per cent).
Local administrator attacks (aka Pass the Hash – 61 per cent).
Cleartext passwords stored in memory (aka Mimikatz – 59 per cent).
Insufficient network access controls (52 per cent).
Hackers use social engineering to break into target computers. This is usually done with phishing emails. "Social engineering will always be successful to achieve initial access to an organization," Joshua Abraham, practice manager at Praetorian. "One percent of employees will always be susceptible to social engineering attacks."
"Organizations should put controls and processes in place to reduce the blast radius when an attack is successful. Therefore our research was focused on the attack vectors that are used after the initial access has been achieved. This can be used to focus defensive efforts based on the attacker's playbook," he explained.
Source: The Register
Here are the top five:
Weak domain user passwords (a root cause of compromise in 66 per cent of cases).
Broadcast name resolution poisoning (aka WPAD – 64 per cent).
Local administrator attacks (aka Pass the Hash – 61 per cent).
Cleartext passwords stored in memory (aka Mimikatz – 59 per cent).
Insufficient network access controls (52 per cent).
Hackers use social engineering to break into target computers. This is usually done with phishing emails. "Social engineering will always be successful to achieve initial access to an organization," Joshua Abraham, practice manager at Praetorian. "One percent of employees will always be susceptible to social engineering attacks."
"Organizations should put controls and processes in place to reduce the blast radius when an attack is successful. Therefore our research was focused on the attack vectors that are used after the initial access has been achieved. This can be used to focus defensive efforts based on the attacker's playbook," he explained.
Source: The Register
Comments
