Id within the Shadows: Shedding Gentle on Cybersecurity’s Unseen Threats

Apr 16, 2024The Hacker InformationCloud Security / Risk Intelligence

In right this moment’s quickly evolving digital panorama, organizations face an more and more advanced array of cybersecurity threats. The proliferation of cloud providers and distant work preparations has heightened the vulnerability of digital identities to exploitation, making it crucial for companies to fortify their identification safety measures.

Our current analysis report, The Id Underground Report, provides beneficial insights into the challenges and vulnerabilities organizations encounter in managing digital identities. The report paints a vivid image of the “hidden” identification safety liabilities the place attackers leverage Id Risk Exposures (ITEs) reminiscent of forgotten person accounts and misconfigurations to breach organizations’ defenses, with every ITE posing a major menace to organizations’ safety posture.

Uncover the commonest identification safety gaps that result in compromises within the first-ever menace report centered totally on the prevalence of identification safety gaps.

🔗 Get the Full Report

These findings reveal alarming statistics that underscore the widespread prevalence of ITEs throughout organizations of all sizes:

  • 67% of organizations unknowingly expose their SaaS functions to potential compromise by insecure password synchronization practices.
  • 37% of admin customers nonetheless depend on weak authentication protocols like NTLM.
  • 31% of person accounts are service accounts, which attackers search to focus on as safety groups typically overlook them.
  • A single misconfiguration in Lively Listing spawns a mean of 109 new shadow admins, enabling attackers to vary settings and permissions, and acquire extra entry to machines as they transfer deeper into an surroundings.

The shift to cloud-based environments introduces further challenges, as organizations synchronize on-prem person accounts with cloud Id Suppliers (IdPs). Whereas this streamlines entry, it additionally creates a pathway for attackers to use ITEs in on-prem settings to realize unauthorized entry to cloud sources.

Finally, it’s important to acknowledge the dynamic nature of identification threats. Cybercriminals are continually evolving their techniques, underscoring the necessity for a holistic and layered method to safety. By adopting proactive measures like Multi-Issue Authentication (MFA) and investing in sturdy identification safety options, organizations can improve their resilience towards identity-related threats.

Study extra in regards to the underground weaknesses that expose organizations to identification threats right here and heed the report’s findings to prioritize safety investments and eradicate your identification safety blind spots.

Discovered this text attention-grabbing? This text is a contributed piece from one in every of our valued companions. Comply with us on Twitter and LinkedIn to learn extra unique content material we publish.

Recent articles

Patch Alert: Essential Apache Struts Flaw Discovered, Exploitation Makes an attempt Detected

Dec 18, 2024Ravie LakshmananCyber Assault / Vulnerability Risk actors are...

Meta Fined €251 Million for 2018 Knowledge Breach Impacting 29 Million Accounts

Dec 18, 2024Ravie LakshmananKnowledge Breach / Privateness Meta Platforms, the...

LEAVE A REPLY

Please enter your comment!
Please enter your name here