The Australian Cyber Security team shares key findings for 2020 as well as 2021 for some of top threats circulating. Excellent summary of key patches & attacks to be on lookout for.
CISA, the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) have released the Joint Cybersecurity Advisory Top Routinely Exploited Vulnerabilities, which details the top vulnerabilities routinely exploited by malicious actors in 2020 and those being widely exploited thus far in 2021. CISA encourages users and administrators to review the Joint Cybersecurity Advisory for information on assessing and remediating vulnerabilities as quickly as possible to reduce the risk of exploitation.
2021 CVEs – In 2021, cyber actors continued to target vulnerabilities in perimeter-type devices. In addition to the 2020 CVEs listed above, organizations should prioritize patching for the following CVEs known to be exploited.
- Microsoft Exchange: CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 –See CISA’s Alert: Mitigate Microsoft Exchange Server Vulnerabilities for more information on identifying and mitigating malicious activity concerning these vulnerabilities.
- Pulse Secure: CVE-2021-22893, CVE-2021-22894, CVE-2021-22899, and CVE-2021-22900 –See CISA’s Alert: Exploitation of Pulse Connect Secure Vulnerabilities for more information on how to investigate and mitigate this malicious activity.
- Accellion: CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104
- See the Australia-New Zealand-Singapore-UK-U.S. Joint Cybersecurity Advisory: Exploitation of Accellion File Transfer Appliance for technical details and mitigations.
- VMware: CVE-2021-21985 –See CISA’s Current Activity: Unpatched VMware vCenter Software for more information and guidance.
- Fortinet: CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591 –See the CISA-FBI Joint Cybersecurity Advisory: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks for more details and mitigations.