TrustWave: Old Security Flaws Still a Major Threat

Kara Reeder

According to a report by TrustWave, companies are so busy chasing down the latest vulnerabilities that they are overlooking the most common, frequently exploited ones. As a result, companies continue to be pagued by old and supposedly well-understood vulnerabilities, reports Computerworld.


The most common vulnerability discovered by TrustWave had to do with the management interfaces for Web application engines such as Websphere. In many cases, attackers could access the interfaces directly from the Internet as they had little or no password protection. This could allow attackers to unleash their own malicious applications on the Web server. The second most common vulnerability has to do with unprotected network infrastructure components such as routers, switches and VPN concentrators.


These vulnerabilities are common well-understood issues that should have been addressed a long time ago, says Nicholas Percoco, senior vice president at TrustWave's SpiderLabs research unit.


As we reported on our Network Security Edge site, TrustWave's reports also notes that the hotel industry was a popular target of cyber criminals last year.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making


SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data