Security News > 2022 > January > The Internet’s Most Tempting Targets
For every 1,000 assets on an attack surface, there is often only one that's truly interesting to an attacker.
Attackers likely put it top of their list because 1) there is a known exploit; 2) Solarwinds is typically a mission-critical technology for a business that could give an attacker privileged access; and 3) it's widely used.
Another thing: The more an attacker knows about a system, the more tempting it is.
Services which expose the name, version, and better yet, configuration information, make it easier for an attacker to cross-check to see if there are any known public vulnerabilities or exploits weaponized against that specific version and to confirm if an exploit will land.
The Defender's Move There's a bit of an equation that goes into deciding what the most tempting targets are on an attack surface.
This can mean adding logging/monitoring, web application firewalls or segmentation to critical assets on an attack surface - or even taking systems offline entirely if they don't need to communicate with the internet.
News URL
https://threatpost.com/internet-most-tempting-targets/177869/