These are the biggest security flaws of 2021 so far

By Nick Heyman On Jul 29, 2021

In an effort to raise awareness among both private companies and government agencies, cybersecurity agencies from the US, the UK and Australia have published a new joint advisory which contains information on the most exploited security flaws from last year and so far this year.

As reported by The Record, the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI along with the UK National Cyber Security Centre (NCSC) and the Australian Cyber Security Centre (ACSC) all published joint advisories on the top vulnerabilities exploited by cybercriminals.

These vulnerabilities exist in a wide variety of products from VPN appliances, email servers, network access gateways, web-based applications, desktop software and more.

According to the cybersecurity agencies’ joint advisory, these were the most exploited security flaws in 2020 by vendor and type along with their CVE tracking numbers:

Top vulnerabilities in 2021 so far

The joint advisory also contains a second list of vulnerabilities that cybercriminals have been actively exploiting in their attacks so far this year. However, this list is divided by vendor:

Microsoft Exchange: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065
Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900
Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104
VMware: CVE-2021-21985
Fortinet: CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591

By releasing these two lists of the top security flaws last year and so far this year, the cybersecurity agencies from the US, the UK and Australia hope to encourage businesses as well as government agencies to take a second look at their products and services so that they can patch any vulnerabilities they have yet to fix.

Director of operations at the UK’s NCSC, Paul Chichester provided further insight on the joint advisory published by the three countries’ cybersecurity agencies in a press release, saying:

“We are committed to working with allies to raise awareness of global cyber weaknesses – and present easily actionable solutions to mitigate them. The advisory published today puts the power in every organisation’s hands to fix the most common vulnerabilities, such as unpatched VPN gateway devices. Working with our international partners, we will continue to raise awareness of the threats posed by those that seek to cause harm.”

Via The Record

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TheDailyCheck is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected] The content will be deleted within 24 hours.