    FBI and the US Government present a list of the most exploited vulnerabilities

    Windows systems are often not patched regularly, so there are always avoidable security incidents. Attackers often prefer to attack old, unpatched vulnerabilities because this requires fewer resources than developing exploits for brand-new security vulnerabilities.

    The US Government and FBI strongly advise admins to install security updates regularly. You should also check your systems for older gaps for which patches already exist. In addition, the experts talk about the most exploited security gaps in recent years. The report provides admins with more in-depth information about the gaps and the associated CVE numbers. This information should make it easier to explore and close vulnerabilities in your own systems.

    The list is intended for those responsible for IT security so that they can secure their companies. It provides information not only about the weaknesses but also about possible signs of compromise, along with instructions on how to remedy the weaknesses.

    The List Of Most Exploited Vulnerabilities

    • A Windows remote code execution vulnerability that lets attackers execute arbitrary code remotely using manipulated packets.
    • A Microsoft Office memory corruption vulnerability that lets attackers execute arbitrary code using a crafted file.
    • A vulnerability in Drupal caused by an issue affecting multiple subsystems with standard or common module configurations. An attacker who exploits it could execute arbitrary code.
    • A Microsoft Office remote code execution vulnerability that allows the attacker to execute arbitrary code via a prepared document.

    The list also shows that companies often do not update their IT systems or do it incorrectly. The vulnerabilities were already on the US government's list of the most frequently used vulnerabilities.

    The reason for the hesitant patch behavior is probably the inherent balancing act: for IT security managers, a patch is always a trade-off between the need to secure the systems and the need to keep the systems running. Remediation is particularly time-consuming when there are several security gaps.
