The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) recently made public the list of the Top 10 Routinely Exploited Vulnerabilities from 2016 to 2019. This list highlighted certain vulnerabilities leveraged by cyber actors when targeting both public and private sector organizations.The list represents the most common exploits, rather than just high severity vulnerabilities according to CVSS score. Roughly half of them target the software the victims are using on their laptops, while the other half is directly targeting the servers and systems exposed to the internet.

Cyberteq has discovered almost all these vulnerabilities while providing our comprehensive and effective cybersecurity services for companies or businesses. We publish this as part of the company’s mission to also educate the general public, stake holders and customers on trending threats and its impact if they are exploited.

Public servers and individuals at risk

As evident from this list attackers will target both company external servers and individuals. Phishing e-mails is still one of the major reasons companies have security breaches. An uneducated employee will click the attacker’s phishing e-mail, and download some malware targeting software on their machine such as Microsoft Office or Adobe Flash Player. When the victim machine is compromised the attacker can steal passwords and gain access to internal company systems that the victim is using for their work.

Remote Code Execution vulnerabilities such as the one affecting Apache Struts are especially dangerous. This example is software used to host Java web applications, and many companies and businesses are using this web server software. The vulnerability lies in the software itself and not in the individual sites that the server is hosting. Anyone on the internet that can browse to the website is able to send commands that the webserver cannot handle correctly, resulting in operating system control via remote commands. No authentication is required, so it is very easy to compromise and gain access to the web server itself. It would be possible to change the website (de-face), steal credit card information used on the site and so on.

2020 Trends

CISA and the FBI also highlighted several new key trends in adversarial activity in 2020, much of which is driven by new work from home trends due to Covid-19 pandemic, targeting remote work software such as Citrix Applications and VPNs that people use from their homes.

What can you do to protect yourself against these attacks?

Effective patch management is key to success. There must exist a routine process that will identify out-of-date software and update it with the latest versions. Installing the latest patches will ensure that you are protected against all known bugs and vulnerabilities. Employees will need both security awareness training to learn how to identify phishing attacks and technical protection. Their laptops and mobile devices require End-point Protection Systems (EPS) which will allow remote, easy updating of software and protection against ongoing attacks.

This article is the first of various cybersecurity articles that will be posted by Cyberteq periodically.