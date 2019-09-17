


Most Port Vulnerabilities Are Found in Three Ports

The vast majority of vulnerabilities in ports are found in just three, making it theoretically easier for organizations to defend them against attack, according to Alert Logic.

The security vendor analyzed 1.3 petabytes of security data, over 2.8 billion IDS events, 8.2 million verified incidents, and common vulnerabilities for more than 700 SMB customers, in order to compile its Critical Watch Report for 2019.

It claimed that 65% of vulnerabilities it found in Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) ports are linked to SSH (22/TCP), HTTPS (443/TCP) and HTTP (80/TCP).

RDP/TCP comes in fourth place, which is no surprise as it has already been patched several times by Microsoft, including a patch for the BlueKeep bug, which Redmond warned could provide attackers with WannaCry-like “wormable” capabilities.

The number of vulnerabilities in a port is a good indication of its popularity and it’s no surprise that the top three ports for flaws are also ones exposed to the public-facing internet, Alert Logic said.

However, the findings may provide useful intel for security teams in smaller companies to help them reduce their attack surface quickly and easily.

“As basic guidance, security across all network ports should include defense-in-depth. Ports that are not in use should be closed and organizations should install a firewall on every host as well as monitor and filter port traffic,” the report advised.

“Regular port scans and penetration testing are also best practices to help ensure there are no unchecked vulnerabilities.”

Alert Logic also urged IT security teams to patch and harden any device, software or service connected to ports and to tackle any new vulnerabilities as they appear, as well as changing all default settings and passwords and running regular configuration checks.

The report found that most unpatched vulnerabilities in the SMB space are over a year old, and that misconfigurations, weak encryption and unsupported Windows versions also represent serious risks.
