Are you Vulnerable to Attacks from the Internet? A Pentest Provides Answers

1. August 2023

Organizations are increasingly facing sophisticated cyberattacks and threats. Often, businesses are not aware of which parts of their technical infrastructure are accessible via the Internet, and these very access points can become gateways for hackers.

Why is Internet-accessible IT infrastructure an attractive target for hackers?

The IT infrastructure consists of several components such as servers, databases or applications. Particularly vulnerable are those components that are accessible via the Internet. Each of these components can have vulnerabilities, whether due to outdated software, insecure configurations or other weaknesses.

Attackers use a variety of methods to compromise IT infrastructure accessible via the Internet, including:

  • SQL injection attacks: Attackers specifically search for vulnerable web applications that allow insecure or incorrect database queries. This can potentially allow them to inject and execute arbitrary code within the application. Despite increased use of frameworks and rising awareness, our pentest professionals continue to find these vulnerabilities during their Web Application Penetration Tests. For example, they discovered a zero-day vulnerability of this category in the web shop application „Gambio GX“, which allowed attackers to read database contents.
  • Cross-site scripting (XSS): Attackers exploit vulnerabilities in web applications to inject malicious code into a web server's response, potentially taking complete control of a victim's current session. Cross-site scripting remains one of the most common vulnerabilities identified by our pentest professionals during their Web Application Penetration Tests. They recently found a zero-day vulnerability of this kind in the self-managed cloud alternative "Seafile", where every click on the infected page executed the malicious code.
  • Outdated or unpatched software: When outdated encryption protocols are used for network communications, hackers can exploit known vulnerabilities and compromise your organization's security. For instance, TLS 1.0 still remains one of the most commonly identified vulnerabilities by our Pentest Professionals. Systems that support an outdated protocol can be forced to downgrade the connection from a new, more secure protocol to this outdated one. If such an attack is successful, it can lead to the Interception of exchanged information over the connection, such as usernames and passwords, credit card information, and other sensitive data, by the attacker.

Compromising Internet-accessible IT infrastructure can have severe consequences as it often serves as an entry point. If internal systems also have vulnerabilities, an attacker can establish a foothold and expand the attack. This can lead to stolen or manipulated sensitive information, resulting in financial losses and reputational damage for affected organizations. Furthermore, an attacker can take control of systems and use them for further malicious activities, such as spreading malware or attacking other systems.

Pentests show you how well prepared you are against attacks.

Effective protection of your IT infrastructure against hackers is essential to ensure the security of your company data and systems. Therefore, you should regularly engage independent IT security experts to review your IT infrastructure.

A pentest provides detailed and comprehensive answers to the question of your organization's security level. Our pentest professionals from usd HeroLab test whether hackers can successfully attack your organization via the Internet and thus steal or manipulate sensitive data. First our experts identify all of your active IT systems and web applications accessible via the Internet. Together with you, we then select the most rewarding targets for manual analysis. In this way, you can reliably assess how well prepared you already are against cyberattacks and how you can further enhance your protection.

Do you want to check your IT infrastructure for gateways? Feel free to contact us.

Also interesting:

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

The Digital Operational Resilience Act (DORA) will apply as of January 17, 2025. In addition to routine operational resilience testing, DORA will also make it mandatory for certain financial companies to carry out threat-led penetration testing (TLPT) every three...

Security Advisory on Gambio

Security Advisory on Gambio

The pentest professionals at usd HeroLab examined the online shop software Gambio during their pentests. The software offers merchants various functions that support the management of inventory and orders. Our professionals discovered a vulnerability in the password...