K
Kathleen Martin
Guest
Many top vulnerabilities are in software libraries that have been used for years. Observability offers a better way (vs. traditional security approaches) to find and protect against them.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released its 2021 report outlining the most exploited vulnerabilities for that year. The findings highlight the need for more proactive, more sophisticated security approaches based on artificial intelligence and more.
Number one on the list is a vulnerability within the very popular Apache Log4j product. Known as Log4shell, this vulnerability is exploited most commonly using a specially crafted code string that led to threat actors taking over entire systems.
The vulnerability in Apache’s Log4j software library should be a main reason to adopt observability. According to CISA, “Log4j is very broadly used in a variety of consumer and enterprise services, websites, and applications—as well as in operational technology products—to log security and performance information.”
See also: Log4j Vulnerability Highlights the Need for Observability
Other notable vulnerabilities include ProxyShell and ProxyLogon, which are present on the Microsoft Exchange server. Both allow threat actors to escalate privileges and eventually take over mailboxes, files, and other credentialed products.
Some vulnerabilities from 2020, such as ZeroLogon, demonstrate the continued vulnerabilities for companies who use products no longer supported by vendors or get behind on updates to their systems.
Companies must act proactively to stay ahead of vulnerabilities.
Releasing proof of code within two weeks provides a baseline reaction time for companies affected by these attacks. However, CISA recommends comprehensive security protocols such as updating end-of-life software and identity and access management policies. In addition, segmenting networks to limit the attack surface is also recommended.
Continue reading: https://www.rtinsights.com/2021-cybersecurity-report-ids-top-15-vulnerabilities/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released its 2021 report outlining the most exploited vulnerabilities for that year. The findings highlight the need for more proactive, more sophisticated security approaches based on artificial intelligence and more.
Number one on the list is a vulnerability within the very popular Apache Log4j product. Known as Log4shell, this vulnerability is exploited most commonly using a specially crafted code string that led to threat actors taking over entire systems.
The vulnerability in Apache’s Log4j software library should be a main reason to adopt observability. According to CISA, “Log4j is very broadly used in a variety of consumer and enterprise services, websites, and applications—as well as in operational technology products—to log security and performance information.”
See also: Log4j Vulnerability Highlights the Need for Observability
Other notable vulnerabilities include ProxyShell and ProxyLogon, which are present on the Microsoft Exchange server. Both allow threat actors to escalate privileges and eventually take over mailboxes, files, and other credentialed products.
Some vulnerabilities from 2020, such as ZeroLogon, demonstrate the continued vulnerabilities for companies who use products no longer supported by vendors or get behind on updates to their systems.
Companies must act proactively to stay ahead of vulnerabilities.
Releasing proof of code within two weeks provides a baseline reaction time for companies affected by these attacks. However, CISA recommends comprehensive security protocols such as updating end-of-life software and identity and access management policies. In addition, segmenting networks to limit the attack surface is also recommended.
Continue reading: https://www.rtinsights.com/2021-cybersecurity-report-ids-top-15-vulnerabilities/