Wed, Jun 20 2018, 9:22 am

Network complexity of enterprises brews vulnerability: IXIA

By Digital Edge Bureau, 29.03.2017, 14:51
 
IXIA_Marie_Hattar_1

Marie Hattar, Chief Marketing Officer (CMO), at IXIA

IXIA_Murali_1

Murali Ramalingam, Country Head- Sales, India, at IXIA

IXIA, which has emerged as a leading network visibility solutions provider, has revealed in its latest Security Report—which is a summation of biggest security events taking place in 2016 including findings from IXIA’s application and threat intelligence (ATI) research center—that the growing complexity of enterprise networks is increasingly creating its own vulnerability.
The report says that the average enterprise is using six different cloud services, and network segmentation is increasing; yet, 54 percent of enterprises are monitoring less than half of them, and less than 19 percent of companies believe that their IT teams are adequately trained on a wide array of network appliances they’re managing.
The ATI research center leverages over 800 IXIA engineers and researchers that operate a worldwide, distributed network of honey-pots and web crawlers to actively identify known and unknown malware, attack vectors and application exposures.
“Organizations need to constantly monitor, test and shift security tactics to keep ahead of attackers in the fast-paced threat landscape we all deal with today. This is especially important as new cloud services and increased IoT devices are routinely being introduced,” said Marie Hattar, Chief Marketing Officer (CMO) at IXIA. “To do this effectively, organizations must start by studying their evolving attack surface and ensure they have the proper security expansion measures in place. Simple but effective testing and operational visibility can go a long way to improving security”, added Hattar.
Murali Ramalingam, Country Head- Sales, India at IXIA, said, “Most enterprises today are struggling with network blind spots caused by increases in encrypted traffic on their networks and migrations to public and private cloud environments.  They also need to get better visibility across their rapidly-expanding network estates to address performance issues and mitigate threats”. “The reality is that security and analytics tools are only as good as the data they’re seeing. As such, the only way to truly address these common and widespread challenges is with a strong visibility architecture.  IXIA’s visibility solutions help eliminate these challenges, and enable customers to fully realize their investments in their existing security and monitoring tools”, explained Ramalingam.
The 2016 highlights from IXIA’s ATI research center include:

Top usernames & passwords
Gaining access to accounts is often done the old-fashioned way—brute force guessing starting with the obvious. It is shocking how many network accounts and devices contain default usernames and passwords. At the top of the list were usernames like ‘root’ and ‘admin’, but also ‘ubnt’, which is the default username for AWS and other cloud service offerings that use Ubuntu. The IoT was also a notable target with ‘pi’ for Raspberry PI. The passwords topping the list included favorites like ‘admin’, ‘123456’, ‘support’ and ‘password’.

Top exploited URI paths & CMS
In computing, a uniform resource identifier (URI) is a string of characters used to identify a name of a resource, which can be interacted with via the web using specific protocols. The top exploited URI paths used for brute force WordPress logins were /xmlrpc.php and /wp-login.php.
Across customers, IXIA’s ATI Research Center also saw many attempts to scan for the phpinfo() function and that most URIs attempted for attack were PHP based.

Malware of phishing
Malware continued to dominate over 2016 but there were a few months — namely June, July, and August — during which ransomware phishing appeared to have outpaced malware. Top fishing targets included Facebook, Adobe, Yahoo! and AOL logins. Adobe updates were the most prevalent drive-by updates for delivering malware or phishing attacks.

 

0 comments

Add your comment

Nickname:
E-mail:
Website:
Comment:


five − 3 =

Other articlesgo to homepage

Fortinet’s report says cryptomining malware turn lethal

Fortinet’s report says cryptomining malware turn lethal(0)

In its latest Global Threat Landscape Report, Fortinet finds that the cryptomining malware attacks have been increasing rapidly. The report says that the prevalence of cryptomining malware more than doubled from quarter to quarter, growing from 13 percent to 28 percent. Additionally, cryptojacking was quite prevalent in the Middle-East, Latin America, and Africa. Cryptomining malware

Conforming seamlessly to EU’s GDPR compliance norms

Conforming seamlessly to EU’s GDPR compliance norms(0)

The General Data Protection Regulation (GDPR), adopted in April 2016 after four years of deliberations, is now in force. The regulation made headlines around the globe with its stricter data protection standards, substantial fines, and most of all, extensive reach. The GDPR affects any organization that holds an EU (European Union) citizen’s personal data, no

Cisco takes its START line of solutions to SMEs in Gujarat

Cisco takes its START line of solutions to SMEs in Gujarat(0)

For addressing the IT infrastructure requirements of typical small and medium enterprises (SMEs), Cisco Systems introduced its START range of solutions combining servers, networking gears, network security systems, and communication & collaboration platforms. Now, the company takes concerted initiatives for addressing SMEs and startups in the happening state of Gujarat with its START genre of solutions. Yes,

Fortinet intros solution for industrial control systems

Fortinet intros solution for industrial control systems(0)

Fortinet, world’s one of the leading network security systems providers, has announced the availability of its OT (operational Technology) security solution for critical infrastructure and industrial organizations. The new solution integrates ruggedized firewall, switching, and wireless access point appliances with FortiGuard industrial threat intelligence to provide integrated cybersecurity protections for ICS (industrial control systems) and

ComGuard to pitch in GFI’s acquired Kerio Technologies

ComGuard to pitch in GFI’s acquired Kerio Technologies(0)

In 2017, GFI Software acquired two companies Exinda and Kerio Technologies. While, Exinda is a big name in the field of WAN Optimization & Orchestration—competing with likes of Riverbed and Silver Peak—Kerio Technologies has been known for providing network security appliances (UTMs), IP-PBX, as well as unified communication & collaboration (UC&C) systems (including cloud based

read more
banner

Contacts and information

New Delhi (India)

Social networks

Most popular categories