Rapid7 2020 Threat Report: Exposing Common Attacker Trends

If you joined Rapid7 at RSAC 2020 just a few days ago, you probably caught wind of Rapid7’s end-of-year threat report. I’m happy to announce that now that the RSAC dust has settled, we’ve released that report here.




In case you don’t quite have the time to read Rapid7’s entire wrap-up of the threats and incidents we saw in customer networks over the course of 2019, here is the shortest of short stories: Organizations continue to host vulnerable, internet-exposed systems that are being targeted by attackers. Simultaneously, attackers are targeting valid user accounts as their preferred method for breaching an environment. These are the two essential sides of the cyber-defense coin that your enterprise should be focused on.


To make the report easier to read and to bring some real, actionable advice to the table, we’ve split up this report into three sections:


1. Focus on threat telemetry


In this section, we make the case that, yes indeed, we’ve hit new-normal high levels of EternalBlue scanning and exploit attempts. While the rate of change has pretty much leveled off, there are still hundreds of thousands of exposed Windows SMB servers left on the internet.


We also saw similar stories for other protocols, such as UPnP, RDP, and a rather significant jump in Microsoft SQL Server (port 1433). Today is the second best time to find your own points of exposure using your favorite asset and vulnerability management solution. (What’s the best time? Yesterday! ..
