1、2Cortex by Palo Alto Networks|2022 Cortex Xpanse Attack Surface Threat Report Executive SummaryIntroductionDo you stay up at night wondering about the next zero-day on the horizon?Or,do you wake up screaming with the thought that someone in your organization might have created a new cloud asset outs

2、ide of your security processes and not bothered with something simple,like disabling Remote Desktop Protocol(RDP)?As a seasoned security professional,you already know that zero-days get the headlines,but the real problems always come from the dozens of decisions a day made inside your organization.J

3、ust one mistake or lapse in security protocols is all it takes to create a crack in defenses.Its the low-hanging fruit that attackers count on because it has become easy and inexpensive for attackers to find any vulnerabilities,exposures,or other unknown open doors and decide what path will likely o

4、ffer the least resistance in a cyberattack.Even lower-skilled attackers can put together scanning infrastructure to perform a rough scan of the internet to uncover assets ripe for compromise.Some may even take a shot at breaching that exposure,but far more enterprising attackers sell this scan data

5、on the dark web to bidders who can then launch more sophisticated attacks.For example,RDP instances(services to remotely log in to a device for work)sell for anywhere be-tween$3$10 to deploy ransomware on the unsuspecting targets network.1 Luckily,attackers arent the only ones able to scan the entir

6、e internet and discover exposures Cortex Xpanse can too.To help organizations fight fire with fire,the Xpanse research team studied the public-facing internet attack surface of some of the worlds largest organizations.From March to September,we monitored scans of 50 million IP addressesover 1%of the