A recently published list of 25 frequently published people Common vulnerabilities and manifestations (CVE) Highlights of the importance of using software updates and links as government-funded advanced continuous threat (APD) currently emerging in China is being exploited by actors correct time.
This list was published by the United States National Security Agency (NSA), and describes the many vulnerabilities that can be used to gain initial access to infected networks that pass through products that are directly accessible from the public Internet, and then cause a one-time destruction inside.
Many of them have been known for some time, reflecting the common desire among malicious actors to pick low hanging fruit With old, unsent bugs.
“We hear loudly and clearly that it is difficult to prioritize adhesion and mitigation efforts,” said Anne Newberger, director of cyber security.
“By highlighting the vulnerabilities that China is actively using to reconcile organizations, cyber security experts will prioritize efforts and take action to protect their systems.”
The 25 vulnerabilities listed are described in the NSA consultation Can be accessed online here, And bugs in products from Cisco, Citrix, F5 networks, Microsoft, MobileIron, Oracle, PulseSecure and Symantec. Some of them have been known for many years, and many of them have already attracted widespread attention.
Chloe Mestaki, Vice President of Strategy at Point 3 protection, Said that the last 12 months have seen a significant increase in the number of malicious actors targeting such popular CVEs.
“They are trying to collect intellectual property data. The Chinese attackers could be a national government, a group of companies or a group of companies, or a group of threatening actors. Said.
“I am pleased that the NSA has released this report. The publication of this report strengthens the work that companies need to do to acquire their intellectual property and motivate them to do the repairs and maintenance they need to do,” Mestaki said.
CEO and co-founder Jamie Akhtar Cybersmart, Said: “People have the impression that cyber crime is sophisticated and difficult to protect. But as this news proves, even the most professional criminals often use only known vulnerabilities that companies and the public do not take the time to address.
“Ensures that the software is up to date so that there are patches for known vulnerabilities, which is one of the five basic rules of cyber hygiene. The UK Government has developed a plan that incorporates these fundamentals to understand and maintain basic security for all businesses and their employees. ”
Siren Byrne, stage acting leader Edgescon, Revelation shows that it is important to have procedures for updating vulnerable software as soon as the fixes are released.
“It is not always practical or feasible to update the software directly because some components rely on a particular version, although updating requires idle time planning, however, a plan and timeline must be kept,” he said.
During this process, Companies should first consider why the software cannot be integrated right now, and ask if it is out of date in need of replacement.
Second, businesses need to question what they can do to protect themselves, that is, by establishing new firewall rules that allow specific ports to be accessed only from pre-defined IPs.
Finally, they need to ask whether the relevant current risk is sufficient to attach – i.e., whether important information can be exposed or stolen, or whether the exposed vulnerability can be alienated by a serious incident attacker.