"The Most Common Exploit Paths Enterprises Leave Open for Attackers"

According to Mandiant, the most common exploit paths that medium to large enterprises left open for attackers in Q1 2022 include exposed version control repositories, leaked secrets in public code repositories, a subdomain vulnerable to takeover, exposed Amazon S3 buckets, and Microsoft Exchange Server servers vulnerable to CVE-2021-42321 abuse. Mandiant's list is based on the most common issues found through continuous scanning of its customers' external attack surface from January 1, 2022, to March 31, 2022. Other potential issues that were less frequently encountered include exposed services and ports, misconfigurations, and specific vulnerabilities (e.g., in SAP, Log4j, etc.). Enterprises are encouraged to constantly monitor their ever-changing external attack surface and act fast when exploitable gaps and exploit pathways are discovered. This means closing them and checking whether attackers took advantage of them during the window of opportunity they provided. Mandiant emphasizes that it is essential to establish a complete view of the attack surface in order to enable cyber threat profile creation, prioritizations of updates and configuration changes, context for penetration testing, incident response, and remediation. This article continues to discuss the top issues observed by Mandiant Advantage Attack Surface Management. 

Help Net Security reports "The Most Common Exploit Paths Enterprises Leave Open for Attackers"