The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that hackers are now taking advantage of vulnerabilities from high-tech companies like Microsoft, Oracle, Apache and Apple, among others. “These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose a significant risk to the federal enterprise,” CISA said in a statement.
CISA has added 15 major vulnerabilities to its “catalogue of known exploited vulnerabilities,” which the US cybersecurity branch publishes annually. Most of the vulnerabilities were disclosed in 2014, 2015, 2016, 2017, 2018, and 2020. These exploits affect Windows, Jenkins, Apache Struts and ActiveMQ, Oracle’s WebLogic, Microsoft Office, D-Link routers, and Windows OS. operating Apple’s OS X.
The most recent Microsoft vulnerability CVE-2021-36934, which Microsoft patched in August 2021, has also been added to the list. CVE is short for Common Vulnerabilities and Exposures. This is a list of publicly disclosed computer security vulnerabilities. It should be noted that Microsoft originally released workarounds and mitigations in July 2021 when the issue was revealed.
According to CISA, federal agencies are now required to patch their systems against this actively exploited vulnerability.
“The catalog is a living list of known CVEs that pose a significant risk to the federal enterprise. It requires FCEB agencies to patch identified vulnerabilities before the deadline to protect FCEB networks from active threats,” CISA said.
At the same time, CISA urged all organizations to reduce their exposure to cyberattacks by “prioritizing the rapid remediation of vulnerabilities as part of their vulnerability management practice.”
A few days ago, CISA and the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Australian Cyber Security Center (ACSC) and the United Kingdom’s National Cyber Security Center ( NCSC-UK) issued a joint cybersecurity advisory outlining the growing international threat posed by ransomware over the past year.
The advisory titled “2021 Trends Show Increased Globalized Ransomware Threat” stated that “cybercriminals are increasingly gaining access to networks via phishing, stolen Remote Desktop Protocols (RDP) credentials or brute force, and exploit software vulnerabilities.”