The most exploited vulnerabilities revealed by global agencies

Agencies around the world, in partnership with the FBI and the National Security Agency, have released a list of the 15 security holes exploited by hackers in 2021. The goal is to sound the alarm about the importance of closing these vulnerabilities…

Cyber ​​security authorities around the world have just revealed a list of the 15 most exploited cyber security vulnerabilities by hackers in 2021. This list has been published In partnership with the FBI and the National Security Agency.

We note the predominance of the security vulnerabilities Log4Shell, ProxyShell, and ProxyLogon. The Microsoft Exchange Server It was specifically targeted.

In the face of this scourge, Security authorities summon organizations These security breaches close very quickly. They also encourage them to implement patch management systems to reduce their attack surface.

Over the past year, cybercriminals have focused their attacks on Internet front end systems. VPN servers and email services have been specifically targeted. Hackers have exploited the latest vulnerabilities to achieve their ends.

According to the document released jointly between the agencies, ” Cybersecurity authorities in the United States, Australia, Canada, New Zealand and the United Kingdom believe that malicious actors have been aggressively targeted Critical software vulnerabilities have been discoveredincluding public and private sector organizations worldwide “.

The worst weaknesses in recent years

At the same time, agencies also identified and revealed 21 additional vulnerabilities They are most commonly exploited by cybercriminals in 2021. Some of these vulnerabilities affect Accellion’s File Transfer Device (FTA), Windows Sprint Spooler, and Pulse Secure Pulse Connect Secure.

The common document also includes Suggestions for Mitigation Measures. These actions can help companies reduce the risks associated with the most exploited vulnerabilities.

CISA and the FBI also published a list The 10 most exploited security vulnerabilities between 2016 and 2019. This document, which is based on US government data, confirms that bugs in Microsoft Object Linking and Embedding (OLE) technology have often been exploited. The Apache Struts web framework is in second place.

The three most frequently exploited vulnerabilities by Cyber ​​actors from China, Iran, North Korea, and Russia They are CVE-2017-111882, CVE-2017-0199, and CVE-2012-0158. These three vulnerabilities are related to Microsoft OLE technology.

A ranking of the most exploited bugs in 2020 has also been published in collaboration with the Australian Cyber ​​Security Center (ACSC) and the UK’s National Cyber ​​Security Center (NCSC). Four of the 10 most frequently exploited bugs are related to VPNs, remote work, or cloud computing.

The most exploited flaw in 2020 is CVE-2019-19781. This is a weak point Citrix Application Delivery Controller (ADC) : A load balancing application for widely used database, web, and application servers in the United States.

For its part, MITER shared in November 2021 a list of the most serious architectural, programming and hardware design flaws and a list of 25 of the most dangerous software vulnerabilities During the past two years.

There is an urgent need for security breaches

according to CISA Director Jane Easterly” We know cybercriminals go back to what works, which means they target the same critical weaknesses in software and will continue to do so until companies and organizations fix them. “.

This is why CISA and its partners are publishing this guide to Highlight the risks posed by the most exploited vulnerabilities of public and private sector networks. All organizations are invited to review their vulnerability management practices and take action to reduce associated risks.

For most of the bugs exploited in 2021, it’s worth noting that security researchers made this post Proof of Concept (POC) demonstrations It works within two weeks of initial detection. So cybercriminals were able to draw inspiration from this work.

However, hackers also focused their attacks on vulnerabilities Oldest patch for several years. This shows that some organizations do not update their systems, even if a patch is available. This is another problem that needs an urgent solution.