Latest


Credential issues accounted for over 60% of compromise factors in Q1: Report

  •   Fri, Aug 04 2023 02:03:03 PM

New Delhi, Aug 4 (IANS): In the first quarter (Q1) of 2023, credential issues accounted for over 60 per cent of compromise factors, while misconfiguration accounted for 19 per cent of compromise factors, a new report showed on Friday.

According to the Google Cloud Threat Horizon Report, areas such as weak or no passwords, sensitive UI or API exposed, leaked credentials, vulnerable software, misconfiguration, and others were predominant vectors for unauthorised access.

The report also detailed an emerging challenge -- mobile apps evading cloud enterprise detection through versioning.

Researchers have identified instances of Android applications downloading malicious updates after installation, attempting to evade Google Play Store's malware detections.

Malicious actors can avoid detection algorithms based on static identifiers or patterns using different mobile app versions.

Moreover, the report also covered a growing issue within the cloud environment -- the identification of compromised customer domains and IPs on Google Cloud.

Researchers discovered 13 customer domains and one IP hosted on Google Cloud that were compromised in Q1 2023, using 2022-23 VirusTotal and Mandiant data.

Issues within the telecommunication industry were also highlighted in the report.

It also warned that nation-state hacking and cybercriminal threats won't vanish as the industry embraces cloud services and that modern cybersecurity approaches such as zero-trust can address pre-existing systemic cyber risks.

The researchers found that over the last two years, the most frequently targeted telecom subsectors include wireless telecommunications, IT and telecom services, and data services.

Digital security threats to telco industry business continuity and use of legacy systems will likely persist, along with an increased focus on cloud service providers, as the industry continues migrating critical IT operations and business support systems to the cloud, according to the report.

Finally, the report mentioned that it’s important to raise awareness of how source code compromises or leaks can help cyber threat actors facilitate various exploitation activities.

 
  

Top Stories


Leave a Comment

Title: Credential issues accounted for over 60% of compromise factors in Q1: Report



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.

You might also like