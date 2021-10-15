2021, in addition to the continuity of the covid pandemic-20, is also being marked by a large increase in the frequency of cybercrime , especially those targeting large international companies. And, according to Randori’s The Attack Surface Report, companies are not realizing the risks they are taking.

The increase in digital attacks, according to the report, is a consequence of the pandemic , with cyber criminals wanting to take advantage of the adaptation process that many companies have gone through to adapt to remote work during 46 and 2021.

The survey states that all companies, from small even the large multinational corporations are in danger in the virtual world, mainly due to the use of seeing are outdated programs and systems, a fact that, according to the survey, occurs in almost half of the organizations analyzed.

Want to catch up on the best tech news of the day? Go and subscribe to our new channel on youtube, Canaltech News. Every day a summary of the main news in the tech world for you! According to the report, one in each 15 organizations were using outdated versions of the SolarWind program, IT management software. These versions have vulnerabilities that can be used by criminals to execute remote code, thus allowing them to have complete control of the system. Microsoft IIS 6, still used by many companies. (Image: Reproduction/Microsoft Docs) The survey cites other examples of outdated and therefore vulnerable software still used by companies: Microsoft IIS 6, Microsoft’s web server , used by 19% of the companies analyzed, Cisco’s Adaptive Security Appliance, Cisco security device, found at 37% and Citrix NetScaler, controller of Citrix web applications, used by 46% of organizations. The Temptation Score For the report, Randori researchers gave each software tested a Temptation Score, a score that represents the likelihood that criminals will attempt to attack systems where these programs are installed. The score in this system is calculated from the average of six f actors, which we explain below: Enumeration : How easy it is to find out the name, version and configuration details of a software; Exploitation of flaws : The more vulnerabilities of a software were reported during its existence, the higher its score;

Level of importance : The more access a software gives to other systems in the corporate network, the higher your score is in this regard;

Presence in companies : The more common the software is in corporate environments, the higher its score;

Post-Abuse Potential: This score is calculated from how many functions a criminal has access to after abusing a software vulnerability;

Search difficulty: The easier it is to use a vulnerability, the higher the score in this factor. In this scoring system, any program that received a grade above 30 is considered a high security risk. We list the programs cited in the survey and their respective notes below: SolarWinds – 91

Citrix Netscaler – 38

Cisco WebVPN – 38