  • common security failings that leave companies vulnerable to attack

    • Author
      Posts
      • #2288190 Reply
        CADesertRat
        AskWoody Plus

        I find it inexcusable that 71% of companies use such weak passwords and do not patch vulnerable software.

        ZDnet

         

        Hackers can gain access to the internal networks of corporations by exploiting two security failings and in as little as 30 minutes.

        Ethical hackers and cybersecurity researchers at Positive Technologies perform penetration testing against organisations in a wide variety of sectors, but find common security vulnerabilities across all industries. The findings have been detailed in a new report, Penetration Testing of Corporate Information Systems.

        The report, based on anonymised data from real organisations which have had their networks tested, said that for 71 percent of companies, there’s at least one obvious weakness which could provide malicious outsiders with entry into the network.

        One of the most common security issues is weak passwords, allowing hackers to gain access to accounts by using brute force attacks. Cracking the password of one account shouldn’t be enough to gain full access to an internal network, but in many cases, it just takes this and the ability to exploit known vulnerabilities to gain further access to systems.

        Don't take yourself so seriously, no one else does 🙂
        4 Win 10 Pro at 1909 (3 Desktops, 1 Laptop).

      • #2288282 Reply
        Paul T
        AskWoody MVP

        Nothing surprising there.
        IT is run by IT folk, not security folk. It is not helped by silly recommendations like “change your password every 30 days”.

        cheers, Paul

      • #2290620 Reply
        Charlie
        AskWoody Plus

        If IT is run by IT folk, then Security Technology should be run by ST folk.  Would it be too much to expect that these two folks work together and set rules to improve overall awareness of the importance of security?  Just my 2¢.

        Win 7, Sandy Bridge 3.3GHz, Linux Mint 19.1, Klaatu barada nikto

        • #2290712 Reply
          Paul T
          AskWoody MVP

          If you need an IT bod do you advertise for a Security bod?
          Not enough knowledge in most organisations to know what they require in IT and Security and there is only X dollars, so IT gets priority.

          cheers, Paul
