Your Personal Info Can Be Stolen Thanks To Loads Of Vulnerable Web Apps

[ad_1]

A large amount of web-based apps are vulnerable to attack, putting users’ Personal Identifiable Information (PII) at risk.

This is according to new report by CyCognito, who found that 74% of such apps contained PII that was vulnerable to known major exploits, such as those related to Apache Superset, Papercut, MOVEit. 11% included flaws that were easy to exploit, ranging from misconfiguration, the lack of HTTPS encryption, and no deployment of a cloud firewall (WAF).

The report also found that an enterprise usually has more than 12,000 web applications, and more than 3,000 of them have at least one flaw that can be exploited. 50% of these vulnerable apps are also hosted in the cloud. And in another twist, an alarming 98% are potentially not compliant with GDPR as users are unable to opt out of cookies.

Widespread problem

CyCognito’s report seems to support analysis conducted by SANS Institute and Akamai last year, which found that 2022 set a new record for cyberattacks on applications and APIs.

CyCognito CEO Rob Gurzeev alluded to the now infamous MOVEit breach which continues to affect organizations, seeing it as a salutary lesson for CISOs on the importance of cloud security.

He said that as, “a company’s attack surface fluctuates up and down by as much as 10 percent a month,” it makes it a “moving target rife with security gaps ready to be exploited.”

“Our latest research is not only a wake-up call that no business is immune to risk; it’s also clear proof that unknown and undiscovered assets present a major threat to an organization,” he added.

Callie Guenther, cyber threat research senior manager at Critical Start, commented on the sheer scale of PII exposed to breaches: “If 74% of assets with PII are exposed to at least one known major exploit, and 10% have an easily exploitable issue, it paints a concerning picture of the current state of external exposure management.”

And Darren Guccione, CEO of Keeper Security, explained the problem with PII falling into the hands of criminals, as it can be “used nefariously for fraud and sold to bad actors on the dark web,” adding that, “the FTC received 761,660 imposter scam fraud reports in the US in 2022 alone – resulting in nearly $3 billion in losses.”

[ad_2]
#personal #info #stolen #loads #vulnerable #web #apps

Your personal info can be stolen thanks to loads of vulnerable web apps

Like this:

Related

Leave a ReplyCancel reply

Product Highlight

Recent Posts

SSC all exams, links is here

Political Heat Rises In Bihar Ahead Of PM Modi’s Bhagalpur Visit

`Mentality Of Slavery`: PM Modi Targets Critics Of Maha Kumbh

CAG Reports, Speaker Election On Agenda As Delhi Assembly Session Begins Tomorrow

BJP Targets Left, Congress Using Italian PM Meloni`s Speech On Trump`s Victory

Earthquake In Jammu and Kashmir: Tremor Of 3.8 Magnitude Hits Kupwara

Germany’s Elections and Their Global Impact: A Political Shift with Worldwide Consequences

PDP Kick Starts Campaign To Ban Alcohol In Jammu And Kashmir, Iltija Mufti Slams NC

Telangana Tunnel Collapse: 2 Engineers Among 8 Trapped; PM Modi Calls CM Reddy | 10 Points

Shivraj Singh Chouhan Blasts Air India Over `Broken, Sunken` Seats, Airlines Apologises; Congress Taunts

Welcome

Categorys

Site Links