In the tech security scene, we’re always on the lookout for new vulnerabilities, especially when they are already exploited in the wild. The latest zero-day CVE-2023-20269 is hitting Cisco’s Adaptive Security Appliance VPN features. The attack surface scan conducted by IONIX research on a sample of organizations indicates that 13% of these appliances are potentially vulnerable through at least one interface.

In the tech security scene, we’re always on the lookout for new vulnerabilities, especially when they are already exploited in the wild. The latest zero-day CVE-2023-20269 is hitting Cisco’s Adaptive Security Appliance VPN features. The attack surface scan conducted by IONIX research on a sample of organizations indicates that 13% of these appliances are potentially vulnerable through at least one interface.

There are flaws in every organization’s IT infrastructure, along with software that requires patching. These flaws could arise from various sources, such as human errors during software coding. Hackers are always on the lookout to exploit these flaws and applications. However, by following a vulnerability assessment methodology to perform vulnerability assessments, organizations can identify these weaknesses before the cyber adversaries do.

Cyber risk trends are constantly evolving, driven by the pace of technological advancements that streamline business processes yet can introduce vulnerabilities in your company’s attack surface. With increased use of SaaS, cloud solutions, APIs, and third-party services, companies have many exposed and connected internet-facing assets that they’re unaware of, providing an open door for attackers to exploit.

The role of the CISO (Chief Information Security Officer) is one of the most important in any organization, and finding the right professional for the job is vital. The CISO leads the company’s information security strategy and bears the ultimate responsibility for the company’s security posture and how effectively it protects its information systems.

IONIX has won two prestigious 2023 Globee® Awards, which include a Silver in the 3rd Annual Globee® Information Technology (IT) Awards for Best Attack Surface Management Product and a Silver in the 3rd Annual Globee® Disruptor Award for Cyber Security Software. These awards come on the heels of a Gold 2023 Globee® Cybersecurity Award for Best Security Software.

Smart automation in ASM refers to the application of intelligent and adaptive technologies and tools to automate the attack surface management process. By leveraging machine learning algorithms and artificial intelligence technologies, enterprises can automate discovery and threat exposure, drastically reducing the time and resources required for the process. They can also minimize false positives and false negatives.

In the digital era, managing your attack surface – the sum total of all potential attack vectors in your systems – is a critical part of your cybersecurity strategy. Attack Surface Management (ASM) provides the insights and tools necessary to understand, assess, prioritize and remediate risks faster and more effectively. In this post, we’re going to explore eight key ASM advantages for security teams, and the key product capabilities needed to achieve them.

As security teams witness that their organization’s digital footprint keeps growing in size and complexity, the urgent need for attack surface discovery becomes clear. But what exactly does attack surface discovery entail, and why is it so crucial in today’s digital landscape? This blog post aims to demystify attack surface discovery and provide insights into its importance for security operations teams.

CVE-2023-34362 is an SQL injection (SQLi) vulnerability that has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database. SQL Injection (SQLi) poses significant risks as it allows attackers to potentially steal, manipulate, or delete sensitive data from databases.