Insecure Protocols Being Used Across Wide Area Networks
Web traffic still run over HTTP as older vulnerabilities are most troublesome.
Organisations continue to run insecure protocols across their wide access networks (WAN), making it easier for cybercriminals to move across networks.
Analysis of 1.26 trillion network flows by Cato Networks found 62% of all web application traffic is run over HTTP, and 46% of all traffic is run over SMB v1 or v2, instead of SMBv3.
Also when evaluating the top ten inbound common vulnerabilities and exposures (CVEs), a seven-year-old attack targeting the PHPUnit testing framework (CVE-2017-9841) was the most common, and it was found across 33% of the inbound CVE exploitations observed.
Furthermore, three years after its discovery, Log4J (CVE-2021-44228) remains one of the most used exploits and it was found across 30% of the outbound CVE exploitations observed.Related content
Thoma Bravo Announces Intention to Merge LogRhythm and Exabeam
Secure AI Development Code of Practice Opened for Responses
UK Cyber Leaders Lack Confidence in C-Level Acknowledgement
Personal Internet Protection Service Launched by NCSC for Political Targets
NIST Revises Guidelines on Safeguarding Controlled Unclassified Information
GCHQ - China Now Top Priority
GCHQ Warns on Russia's Cyber Threat via Proxy Groups
Upcoming Events
Confirm cancellation
An error occurred trying to play the stream. Please reload the page and try again.
CloseSign up benefits
Registering with SC Media is 100% free. Join tens of thousands of cybersecurity leaders today and gain access to the latest analysis shaping the global infosec agenda.
- Weekly newsletters featuring industry-leading insight
- Access to free cyber expert webinars and videos
- Privileged viewership of special reports, such as the Annual Cyber Salary Survey and Women of Influence