
10 Exploited Vulnerabilities in Cybersecurity

Aug 5, 2021 | Blog

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader U.S. Government are providing this technical guide to advise IT and cybersecurity professionals working for both public and private organizations to place increased priority on patching these commonly exploited vulnerabilities. This list provides details on Common Vulnerabilities and Exposures (CVEs) in an attempt to reduce these risks.

“Security is always excessive until it’s not enough.”

Robbie Sinclair

From 2016-2019

 

1) Apache Struts and OLE

According to U.S. Government technical analysis, malicious cyber actors most often exploited vulnerabilities in Microsoft’s Object Linking and Embedding (OLE) technology. OLE allows documents to contain embedded content from other applications, such as spreadsheets. After OLE, the second-most-reported vulnerable technology was a widespread Web framework known as Apache Struts.

2) Microsoft OLE Technology

Of the top 10, the three vulnerabilities used most frequently across state-sponsored cyber actors from China, Iran, North Korea, and Russia are CVE-2017-11882, CVE-2017-0199, and CVE-2012-0158. All three of these vulnerabilities are related to Microsoft’s OLE technology.

3) CVE-2012-0158

As of December 2019, Chinese state cyber actors were frequently exploiting the same vulnerability, CVE-2012-0158, that the U.S. Government publicly assessed in 2015 was the most used in their cyber operations.[2] This trend suggests that organizations have not yet widely implemented patches for this vulnerability and that Chinese state cyber actors may continue to incorporate dated flaws into their operational tradecraft as long as they remain effective.

4) Patches

Deploying patches often requires IT security professionals to balance the need to mitigate vulnerabilities with the need to keep systems running and to ensure installed patches are compatible with other software. This can require a significant investment of effort, particularly when mitigating multiple flaws at the same time.

5) Microsoft/Adobe Products

A U.S. industry study released in early 2019 similarly discovered that the flaws malicious cyber actors exploited the most consistently were in Microsoft and Adobe Flash products, probably because of the widespread use of these technologies. Four of the industry study’s top 10 most exploited flaws also appear on this Alert’s list, highlighting how U.S. Government and private-sector data sources may complement each other to enhance security.

From 2020

6) Unstable VPNs

Malicious cyber actors are increasingly targeting unpatched Virtual Private Network (VPN) vulnerabilities.

7) Citrix VPN

An arbitrary code execution vulnerability in Citrix VPN appliances, known as CVE-2019-19781, has been detected in exploits in the wild.

8) Pulse Secure VPN

An arbitrary file reading vulnerability in Pulse Secure VPN servers, known as CVE-2019-11510, continues to be an attractive target for malicious actors.

9) Microsoft Office 365

March 2020 brought an abrupt shift to work-from-home that necessitated, for many organizations, rapid deployment of cloud collaboration services, such as Microsoft Office 365 (O365). Malicious cyber actors are targeting organizations whose hasty deployment of Microsoft O365 may have led to oversights in security configurations and left them vulnerable to attack.

10) Lack of Awareness

Cybersecurity weaknesses, such as poor employee education on social engineering attacks and a lack of system recovery and contingency plans, have continued to make organizations susceptible to ransomware attacks in 2020.

Kayla Moore
