Cyber security news for all


    FBI and the US Government present a list of the most exploited vulnerabilities

    Windows systems don’t patch regularly, so there are always avoidable security incidents. Attackers often prefer attacks on old, unpatched vulnerabilities, because often less resources are required than developing exploits for brand new security vulnerabilities.

    The US Government and FBI strongly advise admins to install security updates regularly. You should also check your system for older gaps for which patches already exist. In addition, the experts talk about the most exploited security gaps in recent years.The report provides admins with more in depth information about the gaps and the associated CVE numbers. This information should make it easier to explore and close vulnerabilities in your own systems.

    The list is intended for those responsible for IT security so that they can secure their companies. It not only provides information about the weaknesses, but also about possible signs of compromise and instructions on how to remedy the weaknesses.

    The List Of Most Exploited Vulnerabilities

    • A Windows remote code execution vulnerability, by means of which the attackers can execute arbitrary code remotely using manipulated packets.
    • A so called Microsoft Office memory corruption vulnerability with a crafted file, so that attackers can execute arbitrary code.
    • A vulnerability in Drupal due to an issue affecting multiple subsystems with standard or common module configurations. An attacker could execute arbitrary code if he exploited it.
    • A Microsoft Office remote code vulnerability that allows the attacker to execute arbitrary code over a prepared document.

    The list also shows that companies often do not update their IT systems or do it incorrectly. The vulnerabilities were already on the list of the most frequently used vulnerabilities of the US government.

    The reason for the hesitant patch behavior is probably the inherent balancing act: For IT security managers, a patch is always a trade-off between the need to secure the systems and the need to keep the systems running. Correction is particularly time-consuming when there are several security gaps.

    Recent Articles

    Millions of RDP attacks on home offices

    Since the corona related move to the home office, the number of daily hacker attacks on remote desktop connections has increased more than tenfold....

    KuCion crypto confirms 150 million dollar security breach

    Cyber criminals were able to steal from the KuCion crypto and stole coins worth millions. On the evening of last Friday, KuCion crypto noticed...

    Hungarian banks were the target of a massive DDoS attack

    Several banks and the Hungarian Telekom have been the target of a cyber attack. The attacks are said to have come in several waves...

    The source code of Windows XP is leaked

    The source code of Windows XP is currently freely accessible. The media says that data first appeared on 4chan and is currently being exchanged...

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox