Reduce security risk with 3 edge-securing steps

July 1, 2024

The biggest hot-button issue in cybersecurity right now is the network edge. Exploitation of vulnerabilities on the perimeter has led to some of the highest-profile cyberattacks of the year, including the breach of Microsoft through the exploitation of OAuth credentials, and this has led other threat actors to pursue the same attack vectors, even against smaller targets. Following a few specific guidelines can reduce an enterprise's exposure to these kinds of threats.

First, consider getting rid of SSL or web-based VPNs. Remote node management complicates several existing security problems, particularly patching. Separate cloud solutions are required to manage remote node patching, and even in the best-case scenario the setup is still vulnerable to attack. A recent report from the Norwegian National Cyber Security Center (NCSC) recommends fully abandoning SSL or web-based VPNs in favor of Internet Protocol Security (IPsec) based VPNs with Internet Key Exchange (IKEv2). If practical, consider making this substitution.

Second is password management. All too often, passwords are stored in places they're not supposed to be, in a format they're not supposed to be in. Hardcoded passwords, or passwords kept in an inappropriate storage platform, can be accessed by threat actors, giving them the tools to compromise entire networks. To avoid some of the major pitfalls, users are strongly advised to use automatically generated passwords stored in password managers.

Lastly, review who has access to your cloud assets. Often the key vector into a network is a legacy client that still has cloud access. This was the case in the Microsoft breach. These incidents occur because enterprises do not pay close attention to who has access to cloud assets and allow legacy clients to keep access without proper security. To prevent this, enterprises are strongly encouraged to maintain a strict inventory of cloud access permissions, grant them only as necessary, and remove them when they are no longer needed.
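One way to run the access review described in the third step, as an added example that is not from the original article: a periodic pass over a cloud access inventory that flags clients that have gone unused or have no owner, and notes when those also hold privileged permissions. The inventory records, field names, permission names and the 90-day threshold are all assumptions made for this example.

```python
from datetime import date

# Constructed sample inventory; the field names are assumptions for this
# example, not the export format of any particular cloud provider.
INVENTORY = [
    {"client": "hr-portal", "owner": "hr-it", "last_used": "2024-06-20",
     "permissions": ["files.read"]},
    {"client": "legacy-test-app", "owner": None, "last_used": "2022-11-03",
     "permissions": ["directory.admin", "mail.read_all"]},
    {"client": "backup-agent", "owner": "infra", "last_used": "2024-01-15",
     "permissions": ["storage.write"]},
    {"client": "ci-deployer", "owner": "platform", "last_used": "2024-06-30",
     "permissions": ["directory.admin"]},
]

# Assumed policy values; tune them to the organisation's own standard.
PRIVILEGED = {"directory.admin", "mail.read_all"}
MAX_IDLE_DAYS = 90


def review(inventory, today, max_idle_days=MAX_IDLE_DAYS):
    """Return {client: [reasons]} for every client whose access needs review."""
    findings = {}
    for entry in inventory:
        reasons = []
        idle = (today - date.fromisoformat(entry["last_used"])).days
        if idle > max_idle_days:
            reasons.append(f"unused for {idle} days")
        if not entry.get("owner"):
            reasons.append("no accountable owner")
        risky = sorted(PRIVILEGED & set(entry["permissions"]))
        if risky and reasons:
            # Stale or ownerless access that is also privileged is the
            # legacy-client case; an active, owned client is left alone.
            reasons.append("privileged: " + ", ".join(risky))
        if reasons:
            findings[entry["client"]] = reasons
    return findings


if __name__ == "__main__":
    for client, reasons in review(INVENTORY, date(2024, 7, 1)).items():
        print(f"{client}: revoke or re-justify ({'; '.join(reasons)})")
```

Run against a real export on a schedule, the findings list becomes the removal queue: anything flagged is either re-justified by a named owner or has its access revoked.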
