Top 30 Critical Security Vulnerabilities Most Exploited by Hackers - ViralMula.com
Connect with us

Celebrities

Top 30 Critical Security Vulnerabilities Most Exploited by Hackers

Published

on

0 Shares

[ad_1]

Intelligence agencies in Australia, the U.K., and the U.S. issued a joint advisory on Wednesday detailing the most exploited vulnerabilities in 2020 and 2021, once again demonstrating how threat actors are able to swiftly weaponize publicly disclosed flaws to their advantage.

“Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide,” the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) noted.

“However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their systems and implementing a centralized patch management system.”

The top 30 vulnerabilities span a wide range of software, including remote work, virtual private networks (VPNs), and cloud-based technologies, that cover a broad spectrum of products from Microsoft, VMware, Pulse Secure, Fortinet, Accellion, Citrix, F5 Big IP, Atlassian, and Drupal.

The most routinely exploited flaws in 2020 are as follows –

  • CVE-2019-19781 (CVSS score: 9.8) – Citrix Application Delivery Controller (ADC) and Gateway directory traversal vulnerability
  • CVE-2019-11510 (CVSS score: 10.0) – Pulse Connect Secure arbitrary file reading vulnerability
  • CVE-2018-13379 (CVSS score: 9.8) – Fortinet FortiOS path traversal vulnerability leading to system file leak
  • CVE-2020-5902 (CVSS score: 9.8) – F5 BIG-IP remote code execution vulnerability
  • CVE-2020-15505 (CVSS score: 9.8) – MobileIron Core & Connector remote code execution vulnerability
  • CVE-2020-0688 (CVSS score: 8.8) – Microsoft Exchange memory corruption vulnerability
  • CVE-2019-3396 (CVSS score: 9.8) – Atlassian Confluence Server remote code execution vulnerability
  • CVE-2017-11882 (CVSS score: 7.8) – Microsoft Office memory corruption vulnerability
  • CVE-2019-11580 (CVSS score: 9.8) – Atlassian Crowd and Crowd Data Center remote code execution vulnerability
  • CVE-2018-7600 (CVSS score: 9.8) – Drupal remote code execution vulnerability
  • CVE-2019-18935 (CVSS score: 9.8) – Telerik .NET deserialization vulnerability resulting in remote code execution
  • CVE-2019-0604 (CVSS score: 9.8) – Microsoft SharePoint remote code execution vulnerability
  • CVE-2020-0787 (CVSS score: 7.8) – Windows Background Intelligent Transfer Service (BITS) elevation of privilege vulnerability
  • CVE-2020-1472 (CVSS score: 10.0) – Windows Netlogon elevation of privilege vulnerability
Enterprise Password Management

The list of vulnerabilities that have come under active attack thus far in 2021 are listed below –

The development also comes a week after MITRE published a list of top 25 “most dangerous” software errors that could lead to serious vulnerabilities that could be exploited by an adversary to take control of an affected system, obtain sensitive information, or cause a denial-of-service condition.

“The advisory […] puts the power in every organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices,” NCSC Director for Operations, Paul Chichester, said, while urging the need to prioritize patching to minimize the risk of being exploited by malicious actors.



[ad_2]

0 Shares

Continue Reading
Click to comment

Celebrities

Usain Bolt Offers Sha’Carri Richardson Some Tough Advice Following Multiple Meet Losses

Published

on

By

[ad_1]

Jamaican sprinter Usain Bolt is offering some words of wisdom to rising track star Sha’Carri Richardson following the young athlete’s fall from grace.

During a recent interview with the New York Post, the eight-time Olympic gold medalist was asked about the 21-year-old whose stellar performance in the U.S. Olympic Track and Field Trials at the new Hayward Field in Eugene, Oregon, last June was quickly overshadowed by a series of incidents, including a failed drug test, which subsequently got her disqualified from the Tokyo games entirely.  

Bolt told the media outlet that the best thing the Texas native can do now is stop talking and focus on what really matters. “I would tell Sha’Carri to train harder and to be focused and not say too much…,” he explained. A much speculated lack of media experience ultimately led to a dim in her once fiery fan support. Many have expressed belief that the young star’s trash talk proved damaging to her brand. 

“If you talk that big talk you have to back it up,” Bolt continued. The Jamaican-born sprinting phenom added, “So just train hard and focus on that and try to come back, do it and then talk about it.”

On Aug. 21, Richardson finished in last place in the women’s 100 meters as Jamaica’s Elaine Thompson-Herah dominated the race. Shortly afterward, an online feud seemingly unraveled between Richardson and Team Jamaican.

Bolt told the outlet he and his fellow Jamaican athletes were not impressed by Richardson’s attitude, considering a rivalry between American and Jamaican sprinters that picked up some steam dating back to at least 2012. 

“Jamaicans were vexed because she was talking a lot of s–t before the actual race, it is just one of those things,” he explained. “Jamaicans don’t like when people talk s–t about us because we are a very proud people. So if you talk about us we are gonna want you to back it up. It definitely gave those women the extra push [to win.]” 

Richardson has had a few incidents with members of the Caribbean nation. She was offered an all-expenses-paid trip to Jamaica by a Jamaican hotel owner, following her loss to Jamaica’s Shelly-Ann Fraser-Pryce, who finished second in the Prefontaine race. Many people online found the gesture to be disingenuous.

‘You Have to Back it Up’: Usain Bolt Offers Sha’Carri Richardson Some Tough Advice Following Multiple Meet Losses

Continue Reading

Celebrities

TSRBrainGamez: Can y’all guess whose fresh mani-pedi this is, Roomies? (SWIPE)

Published

on

By

[ad_1]

TSRBrainGamez: Can y’all guess whose fresh mani-pedi this is, Roomies? 👀 (SWIPE)

[ad_2]

TSRBrainGamez: Can y’all guess whose fresh mani-pedi this is, Roomies? 👀 (SWIPE)

A photo posted by The Shade Room (@Viralmula.com) on

Continue Reading

Celebrities

SWIPE and PressPlay to see the two moments everyone is talking about that happened at the end of the DondaEvent – KimKardashian came out in a wedd

Published

on

By

[ad_1]

SWIPE and PressPlay to see the two moments everyone is talking about that happened at the end of the DondaEvent – KimKardashian came out in a wedding dress and performed what seemed like a mock wedding or reconciliation with KanyeWest . Also, KanyeWest left the stage on fire. @applemusic

[ad_2]

Continue Reading

Trending