1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Attackers don't need vulnerabilities when the basics work just as well

Discussion in 'CSO' started by RSS, Aug 22, 2016.

  1. RSS

    RSS New Member Member

    You might not know it based on the hype and marketing dedicated to APTs and vulnerabilities, but most criminals don't need to target software or use fancy tactics to ruin a network and compromise sensitive data.

    Josh Abraham, the practice manager for Praetorian, recently compiled a report [registration required] on common attack vectors used during 100 pen test engagements at 75 different organizations between 2013 and 2016.

    "We compiled this paper to detail the top internal attacks we used over the past three years that resulted in Praetorian achieving its objectives. Common objectives include achieving a sitewide compromise and/or access to sensitive information the client requested we gain access to."

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page