Researcher discovers exposed ServiceBridge database
- by nlqip
Risks from exposed documents
In his report Fowler noted that the potential risks of invoice fraud from stolen documents affect both business-to-customer (B2C) and business-to-business (B2B) transactions. “Exposed invoices and internal business documents can potentially serve as a template for criminals to target victims using internal information that only the business and the customer would know,” he wrote. “This insider knowledge is likely to generate a sense of trust, significantly increasing the chances of effective fraudulent activity.”
One cause of exposed corporate databases can be remote employees who aren’t working behind a firewall, said Johannes Ullrich, dean of research at the SANS Institute, a cybersecurity training provider. “It takes some work to expose databases,” he said in an interview. “It’s not something super-trivial to do.”
Cybersecurity requires discipline
Asked how CSOs can prevent employees making mistakes with files or misconfiguring systems, Ullrich said it comes down to attack surface monitoring. That involves pre-emptively scanning not only the organization’s IP space, but also those of employees, for open ports, exposed APIs, and exposed corporate data.
Source link
lol
Risks from exposed documents In his report Fowler noted that the potential risks of invoice fraud from stolen documents affect both business-to-customer (B2C) and business-to-business (B2B) transactions. “Exposed invoices and internal business documents can potentially serve as a template for criminals to target victims using internal information that only the business and the customer would…
Recent Posts
- A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
- CISA Adds One Known Exploited Vulnerability to Catalog | CISA
- Xerox To Buy Lexmark For $1.5B In Blockbuster Print Deal
- Vulnerability Summary for the Week of December 16, 2024 | CISA
- Arm To Seek Retrial In Qualcomm Case After Mixed Verdict