Dejkala
No Result
View All Result
  • Home
  • Tech
  • Banking & loan
  • Games
  • Car’s & Bike’s
  • Home
  • Tech
  • Banking & loan
  • Games
  • Car’s & Bike’s
No Result
View All Result
Dejkala
No Result
View All Result
Home Latest update

These cybersecurity vulnerabilities are most popular with hackers right now – have you patched them?- Dejkala

by hasibul
October 27, 2022
in Latest update
0
These cybersecurity vulnerabilities are most popular with hackers right now – have you patched them?- Dejkala
0
VIEWS
Share on FacebookShare on Twitter


hands-typing-on-a-laptop

Image: Getty/Manuel Breva Colmeiro

One of the most popular security vulnerabilities among cyber criminals during the past few months is a software flaw in Microsoft Office that’s over five years old – and it continues to be exploited because, despite a longstanding available security update, many businesses still haven’t applied it. 

According to analysis by cybersecurity researchers at Digital Shadows, the most commonly discussed vulnerability among cyber criminals on underground forums over the last three months is CVE-2017-11882 – a security flaw in Microsoft Office first disclosed in 2017. 

When exploited successfully, this vulnerability allows cyber criminals to execute remote code on a vulnerable Windows system, providing a way for attackers to drop malware secretly onto the machine.

Malware delivered in attacks exploiting CVE-2017-11882 includes Formbook, which secretly provides attackers with remote access capabilities, keystroke logging, and the ability to take screenshots, putting victims at risk of stolen usernames and passwords.

Also: The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

The vulnerability is also associated with the delivery of Redline, malware that steals usernames, passwords, credit card details and the contents of cryptocurrency wallets, along with the contents of chat logs.

Attacks looking to exploit CVE-2017-11882 often begin with phishing emails designed to lure victims into opening malicious documents, which trigger the bug.

Although a security patch for CVE-2017-11882 has been available for several years, the vulnerability is still prevalent enough to be commonly exploited by cyber criminals.

“These older technologies are still in use by many organizations due to certain dependencies or preferences. The continued use of legacy systems is why these older vulnerabilities live on and remain actively exploited years later,” Nicole Hoffman, senior cyber-threat intelligence analyst at Digital Shadows told ZDNET.

The second most popular vulnerability during the reporting period was Follina (CVE-2022-30190), a high-severity zero-day vulnerability in Microsoft Word, which emerged earlier year.

Follina allows attackers to execute remote code and deploy malware to gain access to systems; the vulnerability has been actively exploited by state-backed hacking groups and cyber-criminal gangs. A patch is available to fix this vulnerability.

The third most popular vulnerability is CVE-2022-2294, a zero-day vulnerability in Google Chrome, first disclosed and patched in July. However, many users are yet to apply the security update, so it remains a popular attack method for targeting Google Chrome users.

While regularly applying security updates for all manner of software across an enterprise network can be challenging, this is one of the best things businesses can do to help protect their network and users from falling victim to cyberattacks – particularly if they focus on patching some of the most commonly exploited vulnerabilities. 

“Organizations should employ a risk-based approach to their vulnerability and patch management processes. Not all critical vulnerabilities end up being exploited in the wild. Vulnerability Intelligence can help provide valuable context to enable organizations to make informed, risk-based decisions,” said Hoffman. 

MORE ON CYBERSECURITY




Related

ShareTweetShare

Related Posts

Kamado Joe’s new ceramic grill has built-in smart features and one-button ignition- Dejkala
Latest update

Kamado Joe’s new ceramic grill has built-in smart features and one-button ignition- Dejkala

March 20, 2023
Runway, which helped create Stable Diffusion, announces its Gen 2 system to generate three second snippets of video from prompt words, available via a waitlist (Rachel Metz/Bloomberg)- Dejkala
Latest update

Runway, which helped create Stable Diffusion, announces its Gen 2 system to generate three second snippets of video from prompt words, available via a waitlist (Rachel Metz/Bloomberg)- Dejkala

March 20, 2023
How to use ChatGPT to write code- Dejkala
Latest update

How to use ChatGPT to write code- Dejkala

March 20, 2023
Don’t be fooled: Comcast’s ‘10G’ doesn’t mean what you think- Dejkala
Latest update

Don’t be fooled: Comcast’s ‘10G’ doesn’t mean what you think- Dejkala

March 20, 2023
Samsung’s expanded OLED TV lineup includes a new lower-priced series- Dejkala
Latest update

Samsung’s expanded OLED TV lineup includes a new lower-priced series- Dejkala

March 20, 2023
Fighting VPN criminalization should be Big Tech’s top priority, activists say- Dejkala
Latest update

Fighting VPN criminalization should be Big Tech’s top priority, activists say- Dejkala

March 20, 2023
Next Post
Shopify reports Q3 revenue rose 22% YoY to $1.4B, above $1.34B estimates, and GMV grew 11% YoY to $46.2B; shares jump 7%+ (Nivedita Balu/Reuters)- Dejkala

Shopify reports Q3 revenue rose 22% YoY to $1.4B, above $1.34B estimates, and GMV grew 11% YoY to $46.2B; shares jump 7%+ (Nivedita Balu/Reuters)- Dejkala

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Categories

  • Earn Money Online
  • Game news and review
  • Laptops
  • Latest update
  • Smartphone Reviews & News
  • TODAY Tech News
  • Upcoming Technology
  • Wordpress plugin
  • WordPress themes
  • World Wide Bike Reviews and News
  • World Wide Car News

Recommended

Paper: Stable Diffusion “memorizes” some images, sparking privacy concerns- Dejkala

Paper: Stable Diffusion “memorizes” some images, sparking privacy concerns- Dejkala

February 1, 2023
Medibank hackers reportedly release all data on dark web- Dejkala

Medibank hackers reportedly release all data on dark web- Dejkala

December 1, 2022
Just Corseca Launches Solitaire and Superflexx Neckbands in India with Noise Canceling and 25 Hours of Battery Life

Just Corseca Launches Solitaire and Superflexx Neckbands in India with Noise Canceling and 25 Hours of Battery Life

February 4, 2022
Musk proposes turning Twitter into a bank to avoid bankruptcy- Dejkala

Musk proposes turning Twitter into a bank to avoid bankruptcy- Dejkala

November 11, 2022
Support for Windows 7 and 8 fully ends in January, including Microsoft Edge- Dejkala

Support for Windows 7 and 8 fully ends in January, including Microsoft Edge- Dejkala

December 12, 2022
Amazon CEO Andy Jassy says the company plans to "go big" on physical retail stores in 2023, blaming a lack of "normalcy" during the pandemic for its stumbles (Dave Lee/Financial Times)- Dejkala

Amazon CEO Andy Jassy says the company plans to "go big" on physical retail stores in 2023, blaming a lack of "normalcy" during the pandemic for its stumbles (Dave Lee/Financial Times)- Dejkala

February 14, 2023
Kamado Joe’s new ceramic grill has built-in smart features and one-button ignition- Dejkala

Kamado Joe’s new ceramic grill has built-in smart features and one-button ignition- Dejkala

March 20, 2023
Runway, which helped create Stable Diffusion, announces its Gen 2 system to generate three second snippets of video from prompt words, available via a waitlist (Rachel Metz/Bloomberg)- Dejkala

Runway, which helped create Stable Diffusion, announces its Gen 2 system to generate three second snippets of video from prompt words, available via a waitlist (Rachel Metz/Bloomberg)- Dejkala

March 20, 2023
How to use ChatGPT to write code- Dejkala

How to use ChatGPT to write code- Dejkala

March 20, 2023

Categories

  • Earn Money Online
  • Game news and review
  • Laptops
  • Latest update
  • Smartphone Reviews & News
  • TODAY Tech News
  • Upcoming Technology
  • Wordpress plugin
  • WordPress themes
  • World Wide Bike Reviews and News
  • World Wide Car News

Pages

  • About Us
  • Banking & loan
  • Car’s & Bike’s
  • Contact Us
  • Games
  • Home
  • Home 2
  • Privacy Policy
  • Tech

© 2022 Dejkala

No Result
View All Result
  • Homepages
    • Home – Layout 1
    • Home – Layout 2

© 2022 Dejkala