Enterprise Cyber Threats Include Poor Patching and Unencrypted Protocols

By Stefania Viscusi

Cato Networks, a provider of SASE solutions, released its Cato CTRL SASE Threat Report for Q1 2024, highlighting significant security vulnerabilities across enterprise networks. The report reveals that organizations are still running insecure protocols over their Wide Area Networks (WAN), making it easier for cybercriminals to infiltrate and move laterally within networks.

The findings are based on analysis of 1.26 trillion network flows and the prevention of 21.45 billion attacks within Cato's SASE Cloud Platform traffic between January and March 2024.

Key insights include a concerning reliance on insecure protocols such as HTTP, telnet, and older versions of SMB. These pose risks for data interception and lateral movement across networks.

Despite the hype around zero-day vulnerabilities, many older exploits, such as CVE-2017-9841 targeting PHPUnit and CVE-2021-44228 affecting Log4j, remain prevalent, underscoring the need to focus on patching known vulnerabilities to remain protected.

The report also noted that AI tools continue to rapidly gain traction in enterprises. Microsoft Copilot, OpenAI’s ChatGPT, and Emol were commonly used during the first quarter of 2024.

By sector, travel and tourism lead in AI adoption (79% of organizations), while entertainment lags behind (44%).

In terms of industry-specific cyber threats, media and entertainment organizations are also underutilizing security applications. Targeted techniques such as Endpoint Denial of Service (T1499) are still being seen in industries like entertainment, telecommunications, and mining & metals. The services and hospitality sectors also face a high risk of credential exploitation (T1212).

The report’s findings are a reminder of the critical need for organizations to address vulnerabilities in their network protocols and prioritize patching known exploits. With cyber threats evolving and industry-specific risks becoming more pronounced, enterprises must adopt comprehensive security strategies, including the integration of AI tools, to effectively mitigate risks and protect their digital assets.

"As threat actors constantly introduce new tools, techniques, and procedures targeting organizations across all industries, cyber threat intelligence remains fragmented and isolated to point solutions," said Etay Maor, Chief Security Strategist at Cato Networks and a founding member of Cato CTRL. "Cato CTRL is filling this gap to provide a holistic view of enterprise threats. As the global network, Cato has granular data on every traffic flow from every endpoint communicating across the Cato SASE Cloud Platform, and we're excited to share what we've learned with the broader industry to spark a more secure future."




Edited by Greg Tavarez