Reduce security risk with 3 edge-securing steps

July 1, 2024

The biggest hot-button issue in cybersecurity right now is the network edge. Exploitation of vulnerabilities on the perimeter has led to some of the highest-profile cyberattacks of the year, including the breach of Microsoft through the exploitation of OAuth credentials, and this has led other threat actors to pursue the same attack vectors, even against smaller targets. Following a few specific guidelines can reduce an enterprise's exposure to these kinds of threats.

First, consider getting rid of SSL or web-based VPNs. Remote node management complicates several existing security problems, particularly the patching problem. Separate cloud solutions are required to manage remote node patching, and even in the best-case scenario the setup is still vulnerable to attack. A recent report from the Norwegian National Cyber Security Center (NCSC) recommends fully abandoning SSL or web-based VPNs in favor of Internet Protocol Security (IPsec) based VPNs with Internet Key Exchange (IKEv2). If practical, consider making this substitution.

Second is password management. All too often, passwords are stored in places they're not supposed to be, in a format they're not supposed to be in. Hardcoded passwords, or passwords kept in an inappropriate storage platform, can be accessed by threat actors, giving them the tools to compromise entire networks. To avoid some of the major roadblocks, users are strongly advised to use automatically generated passwords stored in password managers.

Lastly, review who has access to your cloud assets. Often the key vector into a network is a legacy client that still has cloud access. This was the case in the Microsoft breach. These incidents occur because enterprises do not pay close attention to who has access to cloud assets and allow legacy clients to keep access without proper security. To prevent this, enterprises are strongly encouraged to maintain a strict inventory of cloud access permissions, grant them only as necessary, and remove them when they are no longer needed.
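One way to run the inventory review described in the third step, as an added example that is not from the original article. The inventory rows, client names, scope names, the `mfa` field and the 90-day idle threshold are all assumptions made for illustration.

```python
from datetime import date

# Constructed inventory rows (hypothetical clients and scope names, not real data).
# "mfa" is assumed to mean MFA is enforced on the account behind the client.
INVENTORY = [
    {"client": "hr-portal", "owner": "hr-it", "scopes": ["files.read"],
     "last_used": date(2024, 6, 20), "mfa": True},
    {"client": "legacy-test-app", "owner": None, "scopes": ["directory.admin"],
     "last_used": date(2023, 2, 1), "mfa": False},
    {"client": "backup-sync", "owner": "infra", "scopes": ["mail.full_access"],
     "last_used": date(2024, 6, 28), "mfa": False},
    {"client": "old-crm-connector", "owner": "sales-ops", "scopes": ["files.read"],
     "last_used": None, "mfa": True},
]

PRIVILEGED_MARKERS = ("admin", "full_access")  # assumed scope naming convention


def review_access(inventory, today, max_idle_days=90):
    """Return {client: (action, reasons)} for every grant that needs attention."""
    findings = {}
    for row in inventory:
        reasons = []
        last = row["last_used"]
        # A grant that was never used, or not used recently, is a removal candidate.
        stale = last is None or (today - last).days > max_idle_days
        if last is None:
            reasons.append("never used")
        elif stale:
            reasons.append(f"idle {(today - last).days} days")
        if not row["owner"]:
            reasons.append("no owner")
        privileged = any(m in s for s in row["scopes"] for m in PRIVILEGED_MARKERS)
        if privileged and not row["mfa"]:
            reasons.append("privileged scope without MFA")
        if reasons:
            # Stale or ownerless access is no longer necessary: remove it.
            # Active, owned grants with weak protection go to the owner for review.
            action = "revoke" if stale or not row["owner"] else "review"
            findings[row["client"]] = (action, reasons)
    return findings


if __name__ == "__main__":
    for client, (action, reasons) in review_access(INVENTORY, date(2024, 7, 1)).items():
        print(f"{action:7} {client}: {', '.join(reasons)}")
```

In practice the rows would come from an export of the cloud provider's access grants, and the review would run on a schedule so that removals keep pace with changes.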
