Our PROMISE: Our ads will never cover up content.
Our children thank you.
NordVPN Teams
Published: Wednesday, January 13, 2021 - 12:02 According to Gartner, 99 percent of the vulnerabilities exploited in 2020 have been ones known about by security and IT professionals at the time of the incident. However, taking care of them is tiresome, as it takes 38 days to implement a patch and in the past year alone 12,174 new common vulnerabilities and exposures (CVEs) were reported. Software vendors are constantly publishing patches to fix identified problems, but the users themselves are responsible for the updates. Failing to install them leaves the back door open for cyber criminals who can utilize it for a breach. “To enhance the chances of a successful attack, cyber criminals normally look for the weak links in software used by many people, namely, office programs or cloud services,” says Juta Gurinaviciute, chief technology officer at NordVPN Teams. “Therefore, even the innocent-looking DOC or RTF file can be hazardous, providing it has a malicious piece of code. It is executed immediately after the user opens the file, and consequences are unpredictable. The risk amplifies as people work remotely during the pandemic, of course.” Even though taking care of all the patches seems impossible, hackers leverage some more frequently. It is either because of their scope, the potential damage, or the number of devices affected. Here are five of the most troublesome that IT security professionals have had to deal with in 2020. 1. CVE-2012-0158. Despite being almost a decade-old, CVE-2012-0158 is still employed and remains among the top CVEs in 2020. It is aimed at Microsoft products and can be activated upon the user opening a corrupt document (DOC) file or Rich Text Format (RTF) file. The code can install malicious programs and has even been targeted at governments and officials, including a Canadian medical organization, where a corrupt RTF file was sent from a fake World Health Organization email address. 2. CVE-2019-0604. One of the recent vulnerabilities affecting Microsoft SharePoint, a platform used for file sharing and collaboration online. An attacker who utilizes the CVE-2019-0604 can run a code in the context of the SharePoint application pool and the SharePoint server farm account. It allows hackers to install a web shell and hence access the system and even the internal networks on which it resides, meaning more devices can get affected. Last year hackers used this vulnerability to breach the United Nations network and access 400 GB of sensitive data. 3. CVE-2020-4006. Just a few weeks ago the U.S. National Security Agency (NSA) released a cybersecurity advisory about Russian state-supported actors trying to leverage CVE-2020-4006 vulnerability, aimed at various VMware digital workspace services. When hackers gained access to the specific port 8443 and the administration credentials, the unrestricted privileges on the underlying operating system became available to them. This security gap is dangerous because it is fairly recent, and patches only started to roll out. 4. CVE-2018-7600. Users shouldn’t forget taking security measures when using an external content management system (CMS). The CVE-2018-7600 is believed to have affected hundreds of Drupal users. The vulnerability exists within Drupal 7.x and 8.x versions, and cyber criminals can leverage it to completely compromise the site. The breach was used to install cryptocurrency mining malware on the unpatched Drupal websites. 5. CVE-2019-19781. The vulnerability code-named as CVE-2019-19781 was exploited by both cyber criminals and nation-state hackers for ransomware attacks and espionage on organizations using the Citrix server application and desktop virtualization software. Among those attacked were Gedia Automotive Group, Bretagne Telecom, and Conduent. Unauthenticated cyber criminals were able to connect to the affected computers and execute arbitrary codes on them. According to NordVPN teams’ expert, “Consistent patching and endpoint hardening is challenging due to the digital transformation and modern workforce evolution. Enterprises highlight the difficulty in patching systems belonging to mobile employees or remote offices. During the pandemic, the problems multiply as more people work remotely.” To stay immune to cyber attacks, enterprises should take five steps in securing an organization’s data from vulnerabilities: Additionally, cloud-based virtual private networks (VPNs) can also be employed to encrypt data and add an extra security layer to the system. Besides, if there’s a network segmentation in place, employees can only access the systems needed to perform job functions, whereas fixed IP reduces the surface area to leverage those unpatched vulnerabilities. Cyber criminals are constantly scanning digital products and services for weak links, and so do the software producers and IT professionals. Therefore it is wise to accept all software updates as soon as they roll out and regularly check the CVE database for fresh cyber threats spotted around the globe. Quality Digest does not charge readers for its content. We believe that industry news is important for you to do your job, and Quality Digest supports businesses of all types. However, someone has to pay for this content. And that’s where advertising comes in. Most people consider ads a nuisance, but they do serve a useful function besides allowing media companies to stay afloat. They keep you aware of new products and services relevant to your industry. All ads in Quality Digest apply directly to products and services that most of our readers need. You won’t see automobile or health supplement ads. So please consider turning off your ad blocker for our site. Thanks, NordVPN Teams is a cloud-based VPN for business from the world’s most advanced VPN service provider, NordVPN. NordVPN Teams has a full range of features to ensure convenience and powerful digital protection for organizations of all sizes, freelancers, and remote teams. NordVPN Teams offers advanced 256-bit encryption, secure remote access, malware blocking, two-factor authentication, unsecured traffic prevention, automatic connection on Wi-Fi networks, and 24/7 customer support. NordVPN Teams is available on all major platforms.Five Vulnerabilities Attackers Leveraged Most in 2020
Companies and cyber criminals race for unpatched software
Five vulnerabilities attackers leverage most
Securing remote access
• Implement firewalls (including web application firewalls)
• Administer multifactor authentication
• Ensure secure connections and strong passwords
• Utilize intrusion-detection systems
• Constantly monitor and update web platforms
Our PROMISE: Quality Digest only displays static ads that never overlay or cover up content. They never get in your way. They are there for you to read, or not.
Quality Digest Discuss
About The Author
NordVPN Teams
© 2021 Quality Digest. Copyright on content held by Quality Digest or by individual authors. Contact Quality Digest for reprint information.
“Quality Digest" is a trademark owned by Quality Circle Institute, Inc.