"Web App Warning: 74% Of Apps With PII Are Vulnerable to a 'Major Exploit'"

An analysis of 3.5 million business assets revealed that most Internet-exposed web apps containing Personal Identifiable Information (PII) are vulnerable to cyberattacks. Hackers use PII for financial, credential, and phishing-related attacks. Seventy-four percent of the web apps the security company CyCognito examined contain PII vulnerable to at least one known major exploit, such as Apache Superset, Papercut, or MOVEit. The report discovered that 11 percent of vulnerable assets had multiple "easily exploitable" flaws, including misconfiguration, lack of secure HTTPS encryption, and the absence of a Web Application Firewall (WAF). According to the report, the average enterprise has over 12,000 web apps, of which at least 30 percent, or more than 3,000 assets, contain at least one exploitable or high-risk vulnerability. This article continues to discuss key findings from CyCognito's analysis. 

SC Magazine reports "Web App Warning: 74% Of Apps With PII Are Vulnerable to a 'Major Exploit'"