Ethical Hacking News

The 15 Most Exploited Flaws: A Wake-Up Call for Organizations to Prioritize Patching and Security



The 15 most exploited flaws have been revealed by Five Eyes nations, highlighting a concerning trend of increased attacks on zero-day exploits. To stay ahead of cyber threats, organizations must prioritize patching and security measures.

  • The Five Eyes nations have released their annual list of the most exploited vulnerabilities, highlighting a trend of increased attacks on zero-day exploits.
  • The UK's National Cyber Security Centre has issued this warning to alert organizations to the ever-evolving landscape of cyber threats.
  • The top two spots on the list go to Citrix, for bugs in NetScaler ADC and Gateway; Cisco takes third and fourth with issues in its IOS XE operating system.
  • Fortinet's FortiOS is in fifth place due to a heap-based buffer overflow, which its FortiProxy setup tool shares.
  • Microsoft has vulnerabilities in its netlogon protocol (number 12, first seen attacked in 2020) and Outlook (number 14, from March 2023).
  • Ollie Whitehouse, CTO of the UK's National Cyber Security Centre, urges organizations to apply patches promptly and insist on secure-by-design products.
  • The list also includes vulnerabilities in JetBrains' TeamCity continuous integration server (unlucky 13th spot) and ownCloud file-sharing software (last place).



Five Eyes nations have released their annual list of the most exploited vulnerabilities, revealing a concerning trend of increased attacks on zero-day exploits. The list, which highlights the top 15 most exploited flaws, serves as a stark reminder of the importance of patching and security measures in preventing cyber threats.

The UK's National Cyber Security Centre (NCSC), along with its counterparts from Canada, Australia, New Zealand, and the United States, has issued this annual warning to alert organizations to the ever-evolving landscape of cyber threats. The report notes that more routine initial exploitation of zero-day vulnerabilities has become the new normal, posing a significant risk to networks and data.

"This is a worrying trend, and we urge end-user organizations and vendors alike to take immediate action," emphasized Ollie Whitehouse, CTO of the UK's National Cyber Security Centre. "To reduce the risk of compromise, it is vital that all organizations stay on the front foot by applying patches promptly and insisting upon secure-by-design products in the technology marketplace."

Citrix takes the top two spots on the list: first place for a remote code execution bug in versions 12 and 13 of NetScaler ADC and Gateway, and second place for a flaw that leaks sensitive information when the same platforms are configured as a gateway or as an authentication, authorization and accounting (AAA) server.

Third and fourth positions on the list go to Cisco for issues with its IOS XE operating system. The worse of the two saw attackers chain paired issues to subvert the software, first creating a local account and then elevating its privileges to root. The fourth most common route into the operating system was insufficient input validation that could also allow code to be run as root.

Another operating system in trouble, in fifth place, is Fortinet's FortiOS. The FortiProxy setup tool shares the same problem: a heap-based buffer overflow. Send the right request and it's open to remote code execution.

Admins can give thanks this November for dollops of Microsoft patches, as well as fixes for the Windows Themes zero-day bug exposures. However, Microsoft's first appearance on the list is at number 12, for a venerable flaw in its netlogon protocol that was first spotted being attacked in September 2020. This same vuln has made the top 15 list for four years now.

Czech developer tools maker JetBrains takes the unlucky 13th spot on the list, for an authentication bypass in its continuous integration server TeamCity. The vulnerability itself is not very old, but JetBrains has had other problems in the past and could do with improving its relations with the security industry.

Microsoft returns to the list at number 14 with an Outlook issue from March 2023. The vulnerability allows an attacker to escalate privileges, and Russia has been using it actively to go after Western critical infrastructure for the last year, so it's vital to fix.

Finally, open source file-sharing software biz ownCloud makes the list in last place with a CVSS 10-scoring flaw in its owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1 software. Attackers can use this flaw to steal admin passwords, mail server credentials, and license keys.
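As an added example (not code from the article or from ownCloud), the check below classifies an installed owncloud/graphapi version against the two ranges stated above, 0.2.x before 0.2.1 and 0.3.x before 0.3.1, so an admin can scan a dependency inventory for copies still in the affected window. The regex's acceptance of a leading "v", a missing patch number and a pre-release suffix, and the sample entries, are assumptions constructed for the example.

```python
import re

# Vulnerable ranges stated in the article for owncloud/graphapi:
# 0.2.x before 0.2.1 and 0.3.x before 0.3.1, as (affected minor branch, first fixed version).
GRAPHAPI_AFFECTED = (((0, 2), (0, 2, 1)), ((0, 3), (0, 3, 1)))

# Accepts a leading "v", a missing patch number and a pre-release suffix; these are
# assumptions about how the version string was recorded (e.g. in composer.lock).
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)(?:\.(\d+))?(?:-([0-9A-Za-z.]+))?$")


def parse_version(text):
    """Return (major, minor, patch, prerelease) or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch, pre = m.groups()
    return (int(major), int(minor), int(patch or 0), pre)


def graphapi_status(version_text):
    """Classify a version as 'vulnerable', 'fixed', 'not-in-advisory' or 'unparseable'.

    A pre-release of the fixed version (e.g. 0.3.1-rc1) sorts below the final
    release and is therefore still reported as vulnerable.
    """
    parsed = parse_version(version_text)
    if parsed is None:
        return "unparseable"
    major, minor, patch, pre = parsed
    for branch, fixed in GRAPHAPI_AFFECTED:
        if (major, minor) != branch:
            continue
        rank = (major, minor, patch, 0 if pre else 1)  # final release ranks above its pre-releases
        return "vulnerable" if rank < fixed + (1,) else "fixed"
    return "not-in-advisory"


def needs_attention(entries):
    """From (package, version) pairs, keep graphapi entries that are vulnerable or unparseable."""
    return [(name, ver, graphapi_status(ver)) for name, ver in entries
            if name == "owncloud/graphapi"
            and graphapi_status(ver) in ("vulnerable", "unparseable")]


# Constructed sample of what a dependency inventory might list (not real data).
SAMPLE_ENTRIES = [("owncloud/graphapi", "0.3.0"), ("owncloud/graphapi", "v0.2.1"),
                  ("owncloud/graphapi", "0.3.1-rc1"), ("owncloud/other", "0.2.0")]
```

Versions on branches the advisory does not mention are reported as 'not-in-advisory' rather than 'fixed', so they are not silently treated as safe.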

We cover these lists every year, but the same names keep cropping up. It's a good time to check and make sure you're fully covered, because attackers certainly will.



Related Information:

  • https://go.theregister.com/feed/www.theregister.com/2024/11/14/five_eyes_2024_top_vulnerabilities/

  • https://www.theregister.com/2024/11/14/five_eyes_2024_top_vulnerabilities/

  • https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a


  • Published: Thu Nov 14 03:17:39 2024 by llama3.2 3B Q4_K_M