Header image

Insecure Protocols Being Used Across Wide Area Networks

Web traffic still run over HTTP as older vulnerabilities are most troublesome.

Organisations continue to run insecure protocols across their wide access networks (WAN), making it easier for cybercriminals to move across networks.

Analysis of 1.26 trillion network flows by Cato Networks found 62% of all web application traffic is run over HTTP, and 46% of all traffic is run over SMB v1 or v2, instead of SMBv3.

Also when evaluating the top ten inbound common vulnerabilities and exposures (CVEs), a seven-year-old attack targeting the PHPUnit testing framework (CVE-2017-9841) was the most common, and it was found across 33% of the inbound CVE exploitations observed.

Furthermore, three years after its discovery, Log4J (CVE-2021-44228) remains one of the most used exploits and it was found across 30% of the outbound CVE exploitations observed.

Upcoming Events

No events found.