zdnet[.]com/article/1-in-15-organizations-runs-actively-exploited-version-of-solarwinds-report/
A new report from cybersecurity company Randori has categorized the most tempting internet-exposed assets that an attacker is likely to go after and exploit, finding that one in 15 organizations currently runs a version of SolarWinds that is known to be actively exploited.
The report found that more than 25% of organizations have RDP exposed to the internet, while 15% of organizations are still running outdated versions of IIS 6, which Microsoft hasn't supported for six years. Randori gave the IIS 6 a Temptation Score of 37.Nearly 40% of organizations use Cisco's Adaptive Security Appliance (ASA) firewall, which has a history of public vulnerabilities and a Temptation Score of 37. Almost half of all organizations run Citrix NetScaler, which has a score of 33 and multiple public exploits.
Both CiscoWeb VPN and Palo Alto Global Protect joined Citrix NetScaler as VPNs listed in the report with high Temptation Scores.
Just 3% of organizations are still running versions of Microsoft Outlook Web Access, but this alarmed Randori researchers, who noted the recent Exchange hacks and several known exploits for the tool. It was one of the highest on the Temptation Score scale at 38.
Not to excuse criminals, or to shame victims, I would expect more businesses to at least try to lock the doors. Guess the CEOs are too busy worrying about pressure from their investors -- reportedly investors are pushing companies Not to ramp up production now that the world is getting back to work, because shortages are profitable. That's of course No consolation when we're trying to heat our homes this winter, as those costs skyrocket.