Connect with us

Technology

40% of Environments are Vulnerable to Full Take Over, New Picus Security Report Unveils

Published

on

The Picus Blue Report 2024 also found, security controls for macOS endpoints only prevented 23% of simulated attacks, compared to over 60% for Windows and Linux

SAN FRANCISCO, July 30, 2024 /PRNewswire/ — Picus Security, the leading security validation company, has released The Blue Report 2024: State of Exposure Management* that revealed 40% of tested environments allowed attack paths that lead to domain admin access. Achieving domain admin access is particularly concerning because it is the highest level of access within an organization’s IT infrastructure, and is like giving attackers a master key. The report was based on a worldwide comprehensive analysis of more than 136 million cyber attacks simulated by the Picus Security Validation Platform.

The Security Domino Effect is Concerning

The report reveals that, on average, organizations prevent 7 out of 10 of attacks, but are still at risk of major cyber incidents because of gaps in threat exposure management that can permit attackers using automation to move laterally through enterprise networks. Of all attacks simulated, only 56% were logged by organizations’ detection tools, and only 12% triggered an alert. 

“Like a cascade of falling dominoes that starts with a single push, small gaps in cybersecurity can lead to big breaches,” said Dr. Suleyman Ozarslan, Picus co-founder and VP of Picus Labs. “It’s clear that organizations are still experiencing challenges when it comes to threat exposure management and balancing priorities. Small gaps that lead to attackers obtaining domain admin access are not isolated incidents, they are widespread. Last year, the attack on MGM used domain admin privileges and super admin accounts. It stopped slot machines, shut down virtually all systems, and blocked a multi-billion-dollar company from doing business for days.” 

Well over a third (40%) of environments have weaknesses that allow attackers with initial access to a network to achieve domain admin privileges. Once they have these privileges they can manage user accounts or modify security settings. A compromised domain admin account can lead to full control of the network, allowing attackers to conduct data exfiltration, deploy malware, or disrupt business operations.

macOS EDR Misconfigurations Lead to Vulnerabilities

The Blue Report 2024 also highlights that macOS endpoints are far more likely to be misconfigured or allowed to operate without Endpoint Detection and Response (EDR). macOS endpoints only prevented 23% of simulated attacks, compared to 62% and 65% for Windows and Linux. This highlights a potential gap in IT and security team skill sets and approach in securing macOS environments.

“While we have found Macs are less vulnerable to start, the reality today is that security teams are not putting adequate resources into securing macOS systems,” said Volkan Ertürk, Picus Security Co-Founder and CTO. “Our recent Blue Report research shows that security teams need to validate their macOS systems to surface configuration issues. Threat repositories, like the Picus Threat Library, are armed with the latest and most prominent macOS specific threats to help organizations streamline their validation and mitigation efforts. 

The Blue Report 2024 helps security teams benchmark their performance against peers and identify areas for improvement. Additional key findings include:

Common language passwords: 25% of companies use passwords that are words commonly found in the dictionary. This means that it is easy for attackers to crack hashed passwords and obtain cleartext credentials.Organizations only prevent 9% of data exfiltration techniques used by attackers. Data exfiltration is used to steal sensitive data and is commonly used in ransomware attacks.BlackByte, the most challenging ransomware group for organizations to defend against, is prevented by just 17% of organizations, followed by BabLock (20%) and Hive (30%).

For more information: 

Download the Picus Blue Report 2024Read the Blue Report 2024 blogBlue Report 2024 Media Kit

*Methodology:

The findings in this report are based on the results of simulated attack scenarios executed by Picus Security customers from January to June 2024. The data has been anonymized and aggregated from 136 million attack simulations. Research and analysis was completed by Picus Labs, the research team of Picus Security.

About Picus Security

Picus Security, the leading security validation company, gives organizations their validated risk level and pinpoints critical gaps. Picus Security Validation Platform transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on high-impact fixes. The Picus Exposure Data Fabric and Numi AI™ help security teams understand their risk and prioritize a short-list worth pursuing. 

The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing. Picus Security also has a willingness to recommend percentage of  95% in the 2024 Gartner® Peer Insights™ Voice of the Customer for Breach and Attack Simulation Tools**.

** Gartner, Voice of the Customer for Breach and Attack Simulation Tools, Peer Contributors, 30 January 2024 

GARTNER is a registered trademark and service mark, and PEER INSIGHTS is a trademark and service mark, of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences with the vendors listed on the platform, should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.

Logo: https://mma.prnewswire.com/media/2183222/4835187/Picus_Logo.jpg

View original content:https://www.prnewswire.co.uk/news-releases/40-of-environments-are-vulnerable-to-full-take-over-new-picus-security-report-unveils-302209716.html

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

Bybit Champions Web3 Innovation and Strengthens Ties with Asia’s Crypto Community at Taipei Blockchain Week

Published

on

By

DUBAI, UAE, Dec. 24, 2024 /PRNewswire/ — Bybit, the world’s second-largest cryptocurrency exchange, debuted at the Taipei Blockchain Week Dec. 12 to 14, 2024, spotlighting the vibrant Web3 innovations on its platform alongside a dynamic roster of its strategic Layer 1 ecosystem partners.

Featuring side events in collaboration with the Solana Foundation, the Sui Foundation, and a dazzling lineup of multichain projects, Bybit Web3 dedicated the Taipei tour to building up communities and deepening connections with Web3 ecosystem partners. The Bybit delegation also took the stage to uncover the latest insights on Web3, building with a purpose, and the future of blockchain utilities and DeFi.

Purpose, Innovation, and Partnerships

Representing Bybit at the conference were MK Chin, Core Contributor for Blockchain for Good Alliance and Head of Marketing of Bybit Web3, and Angela Huang, Bybit VIP Relationship Manager, at various panels.

Expanding on blockchain technology’s potential in building better realities for all, Chin joined as a panellist in the session Marketing Web3: Strategies to Engage and Onboard the Next Billion Users. Chin shared learnings and actionable insights from the Bybit-supported Blockchain for Good initiative (BGA), elaborating on both real-world utilities of blockchain technologies and the trickling down of benefits to grassroot communities.

Meanwhile, Angela Huang moderated three sessions closely tied to Bybit’s mission, steering conversations on crucial industry topics:

The panel Bridging TradFi and DeFi: The Exchange’s Role in User Onboarding on Dec. 12 examined how exchanges could elevate access to the digital economy for users at scale.On Dec. 13, Networked Intelligence: The Rise of Decentralized AI explored the intersection of blockchain and AI, showcasing their potential to transform and democratize finance.The Building for Impact: How Female Founders Drive Purpose-Driven Innovation panel on Dec. 14 highlighted the evolving role of women leaders in driving solution-oriented innovation.

Another highlight at the event was amplified globally via Bybit Livestream. Collaborating with the Sui Foundation, Ondo, DeepBook, Scallop, NAVI, and other leading projects, Bybit Web3 led a critical debate on the future of Sui’s growth strategy: Sui Ecosystem Showdown: Mass Adoption vs. Native Growth. Hosted by Emily Bao, Head of Web3 and Spot at Bybit, the livestream attracted over 6,500 viewers live at the Taipei Blockchain Week and globally on Dec. 13.

Deepening Bonds: Key Web3 Ecosystems and Communities

Bybit Web3 brought the local community closer to its world-class ecosystem partners with engaging community events, co-hosting Taiwan DeFi Flow with Sui and Scallop on Dec. 12, and Solana Ecosystem Taipei Greetings with the Solana Foundation and Solar with the support of Orderly Network, Zetachain, Jupiter, and Sonic, on Dec. 14. Through collaborations and innovation, Bybit Web3 opens up new on-chain possibilities for partners and stakeholders to expand the Web3 universe.

These relaxed evening gatherings provided a convivial backdrop for like-minded builders and entrepreneurs to network, exchange ideas, and celebrate their shared enthusiasm for DeFi and dApps in Asia’s growing Web3 innovation hub.

“It’s been an incredible experience connecting with the builders, believers, users, creators, and supporters driving innovation on Solana and Sui. These moments remind us of the heart and spirit of Web3—a vibrant ecosystem shaped by collaboration and shared vision. I’m deeply proud to witness this growth, grateful for every connection made, and excited for the road ahead,” said MK Chin, Core Contributor for Blockchain for Good Alliance and Head of Marketing of Bybit Web3.

“Taipei Blockchain Week showcased the immense growth and potential of Web3 innovation in Asia. Representing Bybit, I had the honor to collaborate with industry leaders to explore Web3’s limitless possibilities, from DeFi and AI to real-world applications. Together, we are shaping a more inclusive global crypto community,” said Angela Huang, Bybit VIP Relationship Manager.

In the past year, Bybit has seen exponential growth in its user base, surging to over 60 million by the end of 2024. It has also invested in vertical growth through community engagements across the world. Connected by the passion for the future of crypto, blockchain, and Web3, the Bybit family is on track to building an inclusive and sustainable path to growth for the industry.

 

#Bybit / #TheCryptoArk / #BybitWeb3

About Bybit Web3

Bybit Web3 is redefining openness in the decentralized world, creating a simpler, open, and equal ecosystem for everyone. We are committed to welcoming builders, creators, and partners in the blockchain space, extending an invitation to both crypto enthusiasts and the curious, with a community of over 130 million wallet addresses across over 30 major ecosystem partners, and counting.

Bybit Web3 provides a comprehensive suite of Web3 products designed to make accessing, swapping, collecting and growing Web3 assets as open and simple as possible. Our wallets, marketplaces and platforms are all backed by the security and expertise that define Bybit as the world’s second-largest cryptocurrency exchange by trading volume, trusted by over 50 million users globally.

Join the revolution now and open the door to your Web3 future with Bybit.

For more details about Bybit Web3, please visit Bybit Web3.

About Bybit

Bybit is the world’s second-largest cryptocurrency exchange by trading volume, serving a global community of over 60 million users. Founded in 2018, Bybit is redefining openness in the decentralized world by creating a simpler, open and equal ecosystem for everyone. With a strong focus on Web3, Bybit partners strategically with leading blockchain protocols to provide robust infrastructure and drive on-chain innovation. Renowned for its secure custody, diverse marketplaces, intuitive user experience, and advanced blockchain tools, Bybit bridges the gap between TradFi and DeFi, empowering builders, creators, and enthusiasts to unlock the full potential of Web3. Discover the future of decentralized finance at Bybit.com.

For more details about Bybit, please visit Bybit Press

For media inquiries, please contact: media@bybit.com

For updates, please follow: Bybit’s Communities and Social Media

Discord | Facebook | Instagram | LinkedIn | Reddit | Telegram | TikTok | X | Youtube

View original content to download multimedia:https://www.prnewswire.com/apac/news-releases/bybit-champions-web3-innovation-and-strengthens-ties-with-asias-crypto-community-at-taipei-blockchain-week-302338870.html

SOURCE Bybit

Continue Reading

Technology

Yu Liu, Vice President of Baijiayun, to Attend 2024 Jixin AIGC Summit for Exploring New Industry Landscape

Published

on

By

BEIJING, Dec. 24, 2024 /PRNewswire/ — Baijiayun Group Ltd (“Baijiayun” or the “Company”) (NASDAQ: RTC), a one-stop AI video solution provider, today announced that it will attend the 2024 AIGC Summit soon.

Recently, the 2024 AIGC Summit, hosted by “Jixin”, a venture capital and industry research media that focuses on industrial AI, is about to kick off. As an outstanding enterprise representative that has successfully implemented AI technology in various industries, Baijiayun has been invited to attend. Yu Liu, the vice president of Baijiayun, will share unique insights at the summit to promote industry communication and progress.

This summit focuses on the in-depth application of AIGC technology in vertical scenarios, aiming to analyze the strategies, practices and successful experiences of AI going global, grasp the pulse of the development of the times, build a more open and win-win AIGC industrial ecosystem on a global scale, and open a new chapter for the future.

As an important participant in the AIGC field, Baijiayun has achieved remarkable results in technological innovation and application implementation. Vice President Yu Liu has been deeply involved in many core businesses and strategic decisions during the development of the company and has rich experience and profound insights in the application practice of AIGC technology. His attendance at this summit is expected to bring the latest achievements and innovative ideas of Baijiayun in vertical scenario applications and international market expansion, providing valuable references and inspirations for industry colleagues, further stimulating the innovation vitality and development momentum of the industry, and promoting the AIGC industry to a new peak. Many industry insiders are looking forward to this summit with full anticipation. It is believed that with the joint efforts of all parties, a clear and promising blueprint for the future development of the AIGC industry will be drawn.

For investor and media enquiries, please contact:

Company Contact:
Ms. Fangfei Liu 
Chief Financial Officer, Baijiayun Group Ltd
Phone: +86 25 8222 1596
Email: ir@baijiayun.com

View original content:https://www.prnewswire.com/news-releases/yu-liu-vice-president-of-baijiayun-to-attend-2024-jixin-aigc-summit-for-exploring-new-industry-landscape-302338871.html

SOURCE Baijiayun Group Ltd

Continue Reading

Technology

My China Story: Technology Brings the World Together for a Chinese New Year

Published

on

By

BEIJING, Dec. 24, 2024 /PRNewswire/ — As the Spring Festival approaches, many are preparing for their holiday travels abroad. While the excitement of spontaneous trips is undeniable, one of the biggest hurdles travelers face is language barriers. However, iFlytek‘s innovative translation device promises to make communication effortless, helping you navigate any language challenges with ease.

 

Known for its sleek and compact design, iFlytek’s smart translation gadget offers an elegant black, business-style exterior, a moderate size, and a lightweight build. It’s the ideal travel companion, fitting easily into your pocket without weighing you down. Whether you’re heading to a city getaway or a remote adventure, this device ensures that language is never an obstacle.

The device boasts impressive capabilities, supporting translations in 84 languages online and 16 languages offline. Whether you’re traveling to Japan, South Korea, France, Germany, or the Middle East, this device handles it all. Even in remote locations—such as secluded mountain temples or isolated islands—the offline translation feature ensures you won’t be left speechless. The device also offers specialized vocabulary for specific fields, making translations more precise and professional.

With its intuitive interface, the gadget is easy to use—just a tap, and you’re ready to communicate. This makes it a perfect tool for travelers who want to ensure a smooth and enjoyable experience while abroad.

But what lies behind this innovative device? How did it come to life? To learn more about its development and functionality, we are following a Russian journalist as he visits iFlytek’s headquarters for an exclusive look at this remarkable “gadget” and uncover the story behind its creation.

Stay tuned as we explore the technology that’s revolutionizing the way we connect across cultures.

https://youtu.be/QkdFG0LvH70

View original content to download multimedia:https://www.prnewswire.com/news-releases/my-china-story-technology-brings-the-world-together-for-a-chinese-new-year-302338865.html

SOURCE “My China Story” International Short Video Competition Organizing Committee

Continue Reading

Trending