CISA adds 41 vulnerabilities to catalog of exploited bugs
Organizations are required to fix the flaws by June 13 and 14 to “reduce their exposure to cyber attacks”
The Cybersecurity and Infrastructure Security Agency (CISA) added 41 vulnerabilities to its catalog of known exploited bugs this week.
The batch is one of the largest to be added to the list since the organization began compiling it back in November last year, with the additions including bugs relating to the likes of Microsoft, Apple, Google, Cisco, Adobe, Facebook, WhatsApp, Mozilla, Kaseya, Artifex, and QNAP.
The dates of these vulnerabilities range from 2016 to 2021, with the CISA giving federal agencies until June 13 and 14 to provide patches and “reduce their exposure to cyber attacks".
The organisation says it adds exploited vulnerabilities “when they become known”. subject to an executive review and when they satisfy three key thresholds: the vulnerability has an assigned Common Vulnerabilities and Exposures (CVE) ID, there is reliable evidence that it has been actively exploited in the wild, and when there is clear remediation action for the bug.
The oldest of the batch dates back to 2016 and concerns a Microsoft Internet Explorer Disclosure Vulnerability titled CVE-2016-0162, used to allow remote attackers to determine the existence of files via crafted JavaScript code.
The most recent listing is a Cisco IOS XR open port vulnerability (CVE-2022-20821), which was fixed last week. This bug is used to allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container.
Elsewhere, two Android Linux Kernel flaws were also added - CVE-2021-1048 and CVE-2021-0920 – which have been known to only be used in limited attacks against Android devices.
CISA also listed the Windows elevation of privileges vulnerability (CVE-2020-0638). Despite being disclosed back in 2020, the flaw was still being used by ransomware gang Conti as part of corporate attacks this year.
The list of vulnerabilities were added to the catalog in two parts, with CISA giving federal agencies until June 13th for the 21 added on Monday, and until June 14th for the 20 listed on Tuesday.
-
New ransomware threat group, The Gentlemen, has become one of the most active ransomware operators, accounting for 10% of all attacksNews NTT researchers warn that the RaaS group is leveraging SystemBC malware to establish covert tunnelling, evade detection, and support rapid lateral movement across enterprise environments
-
Instructure chose to a pay ransom following the Canvas cyber attack – research shows more than half of security leaders would follow suitAnalysis Opting to pay ransoms creates huge risks for enterprises – you’re relying on the word of criminals
-
Ransomware negotiator sentenced for role in major cyber crime groupNews Deniss Zolotarjovs was a key player in a group associated with Conti
-
Threat actors ditch ‘spray and pray’ attacks in shift to targeted exploitationNews A dip in ransomware volumes points to a more targeted approach focused on vulnerability exploitation
-
Security leaders overconfident about ransomware recovery
News Few manage to recover all their data, and many experience business disruption
-
German authorities want your help finding the hackers behind GandCrab and REvilNews Daniil Maksimovich Shchukin and Anatoly Sergeevitsch Kravchuk are believed to have made millions from ransomware as a service schemes
-
The rise of teen hackers ‘makes for a good headline’, but cyber crime activities peak later in life
News With family responsibilities and mortgages to pay, it's not teenagers dishing out malware or carrying out cyber extortion
-
Ransomware gangs are using employee monitoring software as a springboard for cyber attacks
News Two attempted attacks aimed to exploit Net Monitor for Employees Professional and SimpleHelp
