While robust passwords go a long way to securing your valuable online accounts, hardware-based two-factor authentication takes that security to the next level.
A new report from cybersecurity company Randori has categorized the most tempting internet-exposed assets that an attacker is likely to go after and exploit, finding that one in 15 organizations currently runs a version of SolarWinds that is known to be actively exploited.
In the 2021 Randori Attack Surface Report, researchers assigned each asset with a “Temptation Score” — effectively the likelihood an attacker will go after it. Any exposed asset with a score over 30 is considered to be high, with the highest-ranking assets currently within their corpus reaching an attacker Temptation Score of 55. The version of SolarWinds being actively exploited have an average Temptation Score of 40.
The report found that more than 25% of organizations have RDP exposed to the internet, while 15% of organizations are still running outdated versions of IIS 6, which Microsoft hasn’t supported for six years. Randori gave the IIS 6 a Temptation Score of 37.
Nearly 40% of