Cybersecurity Agencies Reveal Top Targeted Vulnerabilities

Written by: Jay H.

A joint security advisory issued by the top cybersecurity agencies reveals the vulnerabilities most targeted by cybercriminals over the past two years.

The USA’s Cybersecurity and Infrastructure Security Agency (CISA), the USA’s Federal Bureau of Investigation, the Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) also shared details on these security flaws and how organizations can mitigate their risk.

Remote Work, VPNs, and Cloud-Based Technology Targeted

Based on data available to the U.S. government, most of the top vulnerabilities had been disclosed during the past two years. Moreover, cybercriminals focused their efforts on remote work options including VPNs and cloud-based technology as a result of COVID-19.

“The rapid shift and increased use of remote work options, such as virtual private networks (VPNs) and cloud-based environments, likely placed an additional burden on cyber defenders struggling to maintain and keep pace with routine software patching,” said CISA.

The list includes the top thirty vulnerabilities, primarily Common Vulnerabilities and Exposures (CVEs). Many of these are publicly known and dated software vulnerabilities that have available security patches.

Four of the most targeted vulnerabilities affected remote work, VPNs, or cloud-based technology. These exploits highlight the importance of rigorous patch management.

Vendor        CVE               Type
Citrix        CVE-2019-19781    arbitrary code execution
Pulse         CVE-2019-11510    arbitrary file reading
Fortinet      CVE-2018-13379    path traversal
F5 BIG-IP     CVE-2020-5902     remote code execution (RCE)
MobileIron    CVE-2020-15505    RCE
Microsoft     CVE-2017-11882    RCE
Atlassian     CVE-2019-11580    RCE
Drupal        CVE-2018-7600     RCE
Telerik       CVE-2019-18935    RCE
Microsoft     CVE-2019-0604     RCE
Microsoft     CVE-2020-0787     elevation of privilege
Netlogon      CVE-2020-1472     elevation of privilege

Businesses Urged To Patch Their Systems

Attackers will continue to exploit these vulnerabilities since many businesses are not applying their security patches.

“Organizations are encouraged to remediate or mitigate vulnerabilities as quickly as possible to reduce the risk of exploitation,” said CISA. “Most can be remediated by patching and updating systems.”

The agencies also provided the following tips for organizations performing patch management:

  • Update software versions once patches are available and as soon as is practicable. If this is not possible, consider applying temporary workarounds or other mitigations.
  • If an organization is unable to update all software shortly after a patch is released, prioritize implementing patches for CVEs that are already known to be exploited or that would be accessible to the largest number of potential attackers (such as internet-facing systems).
  • Automatic software updates should be enabled whenever possible.
  • Attackers commonly exploit weak authentication processes, particularly in external-facing devices. Organizations should require multi-factor authentication to remotely access networks from external sources, especially for administrator or privileged accounts.
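
The prioritization tip above can be turned into a repeatable triage step. The following is an added example, not code from the advisory or from this article: it matches scanner findings against the CVE list in the table above and orders them with known-exploited CVEs first and internet-facing systems ahead of internal ones. The host names, the finding format, the placeholder CVE ID and the exact tie-break order are assumptions made for illustration.

```python
import re

# CVE IDs taken from the table on this page (the advisory's most-targeted list).
ADVISORY_CVES = {
    "CVE-2019-19781", "CVE-2019-11510", "CVE-2018-13379", "CVE-2020-5902",
    "CVE-2020-15505", "CVE-2017-11882", "CVE-2019-11580", "CVE-2018-7600",
    "CVE-2019-18935", "CVE-2019-0604", "CVE-2020-0787", "CVE-2020-1472",
}

# Scanner exports often vary the separator ("CVE 2019-11510", "cve_2020_1472").
CVE_RE = re.compile(r"CVE[\s_-]*(\d{4})[\s_-]*(\d{4,})", re.IGNORECASE)

def normalize_cve(text):
    """Return the canonical 'CVE-YYYY-NNNN' form, or None if no ID is found."""
    m = CVE_RE.search(text)
    return f"CVE-{m.group(1)}-{m.group(2)}" if m else None

def prioritize(findings):
    """Order findings: known-exploited first, then internet-facing, then by host."""
    ranked = []
    for f in findings:
        cve = normalize_cve(f["cve"])
        if cve is None:
            continue  # rows without a parseable CVE ID need manual review
        ranked.append({**f, "cve": cve, "known_exploited": cve in ADVISORY_CVES})
    # False sorts before True, so negate the flags we want at the top.
    return sorted(ranked, key=lambda r: (not r["known_exploited"],
                                         not r["internet_facing"], r["host"]))

# Constructed sample inventory (hypothetical hosts, not data from the advisory).
# CVE-2021-0000 is a placeholder ID standing in for "any CVE not on the list".
SAMPLE_FINDINGS = [
    {"host": "intranet-wiki", "cve": "cve-2019-11580", "internet_facing": False},
    {"host": "vpn-gw-01", "cve": "CVE 2019-11510", "internet_facing": True},
    {"host": "build-srv", "cve": "CVE-2021-0000", "internet_facing": False},
    {"host": "web-cms", "cve": "CVE-2021-0000", "internet_facing": True},
    {"host": "dc-01", "cve": "CVE_2020_1472", "internet_facing": False},
    {"host": "printer-3", "cve": "n/a", "internet_facing": False},
]

if __name__ == "__main__":
    for r in prioritize(SAMPLE_FINDINGS):
        flag = "known-exploited" if r["known_exploited"] else "-"
        exposure = "internet-facing" if r["internet_facing"] else "internal"
        print(f'{r["host"]:14} {r["cve"]:15} {flag:16} {exposure}')
```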

Patch Management For Your Organization

Most organizations do not have the resources or personnel to assign to patch management. This leaves them susceptible to data breaches, malware, and ransomware. However, businesses can work alongside a managed IT service provider (MSP) such as Design2Web IT to perform patch management for them. Contact us today to learn more about how we can keep your business safe from security vulnerabilities.
