Written by: Jay H.
A joint security advisory issued by the top cybersecurity agencies reveals the vulnerabilities most targeted by cybercriminals over the past two years.
The USA’s Cybersecurity and Infrastructure Security Agency (CISA), the USA’s Federal Bureau of Investigation, the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) also shared details on these security flaws and how organizations can mitigate their risk.
Remote Work, VPNs, and Cloud-Based Technology Targeted
Based on data available to the U.S. government, most of the top vulnerabilities had been disclosed during the past two years. Moreover, cybercriminals focused their efforts on remote work options including VPNs and cloud-based technology as a result of COVID-19.
“The rapid shift and increased use of remote work options, such as virtual private networks (VPNs) and cloud-based environments, likely placed an additional burden on cyber defenders struggling to maintain and keep pace with routine software patching,” said CISA.
The list includes the top thirty vulnerabilities, primarily Common Vulnerabilities and Exposures (CVEs). Many of these are publicly known and dated software vulnerabilities that have available security patches.
Four of the most targeted vulnerabilities affected remote work, VPNs, or cloud-based technology. These exploits highlight the importance of rigorous patch management.
| Vendor | CVE | Type |
| --- | --- | --- |
| Citrix | CVE-2019-19781 | arbitrary code execution |
| Pulse | CVE-2019-11510 | arbitrary file reading |
| Fortinet | CVE-2018-13379 | path traversal |
| F5 BIG-IP | CVE-2020-5902 | remote code execution (RCE) |
| MobileIron | CVE-2020-15505 | RCE |
| Microsoft | CVE-2017-11882 | RCE |
| Atlassian | CVE-2019-11580 | RCE |
| Drupal | CVE-2018-7600 | RCE |
| Telerik | CVE-2019-18935 | RCE |
| Microsoft | CVE-2019-0604 | RCE |
| Microsoft | CVE-2020-0787 | elevation of privilege |
| Netlogon | CVE-2020-1472 | elevation of privilege |
Businesses Urged To Patch Their Systems
Attackers will continue to exploit these vulnerabilities since many businesses are not applying their security patches.
“Organizations are encouraged to remediate or mitigate vulnerabilities as quickly as possible to reduce the risk of exploitation,” said CISA. “Most can be remediated by patching and updating systems.”
The agencies also provided the following tips for organizations performing patch management:
- Update software versions once patches are available and as soon as is practicable. If this is not possible, consider applying temporary workarounds or other mitigations.
- If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the largest number of potential attackers (such as internet-facing systems).
- Automatic software updates should be enabled whenever possible.
- Attackers commonly exploit weak authentication processes, particularly in external-facing devices. Organizations should require multi-factor authentication to remotely access networks from external sources, especially for administrator or privileged accounts.
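
The prioritization tip above can be applied to scanner output with a short script. This is an added example, not code from the advisory: the known-exploited set holds only the twelve CVEs in the table on this page, the findings and hostnames are constructed, and ranking exploited-but-internal above exposed-only is an assumption.

```python
import re

# The twelve CVE IDs from the table on this page (the full advisory lists more).
KNOWN_EXPLOITED = {
    "CVE-2019-19781", "CVE-2019-11510", "CVE-2018-13379", "CVE-2020-5902",
    "CVE-2020-15505", "CVE-2017-11882", "CVE-2019-11580", "CVE-2018-7600",
    "CVE-2019-18935", "CVE-2019-0604", "CVE-2020-0787", "CVE-2020-1472",
}

# Tolerates inconsistent spellings such as 'CVE 2019-11510' or 'cve_2019_11510'.
_CVE_RE = re.compile(r"CVE[\s_-]*(\d{4})[\s_-]*(\d{4,})", re.IGNORECASE)


def normalize_cve(raw):
    """Return canonical 'CVE-YYYY-NNNN', or None if no CVE ID is found."""
    m = _CVE_RE.search(raw or "")
    return f"CVE-{m.group(1)}-{m.group(2)}" if m else None


def prioritize(findings):
    """Return (ranked, unparsed); ranked is sorted by patch tier, then host."""
    ranked, unparsed = [], []
    for f in findings:
        cve = normalize_cve(f.get("cve"))
        if cve is None:
            unparsed.append(f)  # surface for manual review instead of dropping
            continue
        exploited = cve in KNOWN_EXPLOITED
        exposed = bool(f.get("internet_facing"))
        # Tier 0: exploited and exposed; 1: exploited, internal;
        # 2: exposed only; 3: the rest. Ranking 1 above 2 is an assumption.
        tier = 0 if exploited and exposed else 1 if exploited else 2 if exposed else 3
        ranked.append({**f, "cve": cve, "tier": tier})
    ranked.sort(key=lambda f: (f["tier"], f["host"]))
    return ranked, unparsed


# Constructed scanner findings; hostnames and CVE-2099-0001 are placeholders.
SAMPLE_FINDINGS = [
    {"host": "wiki01", "cve": "cve-2019-11580", "internet_facing": False},
    {"host": "vpn-gw", "cve": "CVE 2019-11510", "internet_facing": True},
    {"host": "web03", "cve": "CVE-2099-0001", "internet_facing": True},
    {"host": "dc01", "cve": "CVE-2020-1472", "internet_facing": False},
    {"host": "hr-pc", "cve": "CVE-2099-0001", "internet_facing": False},
    {"host": "print01", "cve": "n/a", "internet_facing": False},
]

if __name__ == "__main__":
    for f in prioritize(SAMPLE_FINDINGS)[0]:
        print(f["tier"], f["host"], f["cve"])
```
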
Patch Management For Your Organization
Most organizations do not have the resources or personnel to assign to patch management. This leaves them susceptible to data breaches, malware, and ransomware. However, businesses can work alongside a managed IT service provider (MSP) such as Design2Web IT to perform patch management for them. Contact us today to learn more about how we can keep your business safe from security vulnerabilities.