CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Services
Capture
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

twi-managed-portal-color
Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

twi-briefcase-color-svg
Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

tw-laptop-data
Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

twi-database-color-svg
Database Security

Prevent unauthorized access and exceed compliance requirements.

twi-email-color-svg
Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

tw-officer
Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

tw-network
Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Solutions
BY TOPIC
Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats

How Your Adversaries Increase Their Odds Thanks to the Growing Attack Surface

I recently listened to a podcast discussing the expanding legalization of sports betting in the United States.

The guest turned out to be a cybersecurity enthusiast-turned-professional poker player. In one part of the show, he described how, in advance of the Super Bowl, sportsbooks offer hundreds of bets known as propositions, or “props,” on which gamblers can wager their hard-earned dollars.

The props range from the seemingly sensical – How many combined touchdowns will both teams score? – to the more obscure (and slightly absurd) – What color of Gatorade will be dumped on the winning coach?

In gambling, the No. 1 rule is the house always wins. But Super Bowl props provide a potentially advantageous opportunity for the shrewd bettor. Why is this the case?

To explain, the podcast guest drew on his security background and compared the plethora of Super Bowl wagering options to the ever-widening cyberattack surface.

The more choices a smart punter has on which to risk their money, he said, the more likely they will discover opportunities that can be exploited. Thus, their edge of winning is bigger. The same goes for malicious hackers seeking entry into a target organization. Their likelihood of success grows with each available vulnerability.

Which brings us to the point of all of this: Your attack surface is teeming with potential liabilities. Here are the modern-day risks you need to mitigate to help prevent your adversaries from cashing in.

 

Endpoints

Most advanced threats that evade traditional prevention security measures start on the endpoint, and with the explosive growth of the Internet of Things (IoT), that means you have more ground to cover than ever. Desktops and laptops may be the most common initial infection point, but anything with an internet connection places your organization at risk. That includes non-traditional endpoints, including routers. To overcome limitations, you should combine strong internal policies with testing, detection and response capabilities to help stay protected.

 

Applications and Databases

Applications act as the digital front door into your organization, and databases are their connected companions. Both necessitate varying forms of protection, each requiring a multi-pronged approach. The threat of vulnerable applications, responsible for a surprisingly large number of the major data breaches in recent years, can be assuaged with web application firewalls, scanning and testing, and stronger development training. Meanwhile, database defense must evolve beyond simple patching to also include vulnerability testing, user rights management and activity monitoring.

 

End-Users

Phishing is one of those information security problems that even your grandparents know about – yet it remains one of the most successful means of attack, even against businesses that know it’s coming. The reason why is simple: It works. Everybody still uses email, and attackers have invoked clever ways to prey on human emotions and dupe uses into divulging confidential credentials or clicking on links and attachments. To address human frailty and conquer savvy phishers, you should deploy an advanced email security gateway, complemented by a security awareness program that uses creative ways to reach employees.

***

The information contained here should help clarify what you need to do to reduce your attack surface. And, by the way, if you’re betting on the color of Gatorade, go with clear.

Dan Kaplan is manager of online content at Trustwave and a former IT security reporter and editor.

Latest Trustwave Blogs

The Power of Red and Purple Team Drills in Enhancing Offensive Security Programs

Despite investing in costly security solutions, keeping up with patches, and educating employees about suspicious emails, breaches still occur, leaving many organizations to wonder why they are...

Read More

Balancing Innovation and Security: How Offensive Security Can Help Navigate the Tech Industry’s Dual Challenges

Two of the greatest threats facing technology-focused organizations are their often-quick adoption of new technologies, such as artificial intelligence (AI), without taking security measures into...

Read More

Trustwave Government Solutions (TGS) Salutes New Mexico’s New Cybersecurity Executive Order

New Mexico Governor Michelle Lujan Grisham issued an Executive Order to shore up the state’s cybersecurity readiness and better safeguard sensitive data by conducting a state-wide security assessment...

Read More