The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have released an alert detailing the top 10 software vulnerabilities exploited by foreign cyber threat actors from 2016 to 2019.
The alert, published Tuesday, says information technology security professionals at private and public sector institutions should prioritize patching of these common vulnerabilities and exposures.
“A concerted campaign to patch these vulnerabilities would introduce friction into foreign adversaries’ operational tradecraft and force them to develop or acquire exploits that are more costly and less widely effective,” the alert reads. “A concerted patching campaign would also bolster network security by focusing scarce defensive resources on the observed activities of foreign adversaries.”
Microsoft's Object Linking and Embedding (OLE) technology, which enables documents to contain embedded content from spreadsheets and other applications, was the technology most commonly targeted by malicious threat actors, according to the alert.
CVE-2017-11882, CVE-2017-0199 and CVE-2012-0158, all related to OLE, were the vulnerabilities most exploited by threat actors from countries including Russia, China, North Korea and Iran.
Other vulnerabilities cited are CVE-2017-5638, CVE-2019-0604, CVE-2017-0143, CVE-2018-4878, CVE-2017-8759, CVE-2015-1641 and CVE-2018-7600.
CISA and the FBI also found that malicious actors are targeting vulnerabilities in unpatched virtual private networks. They noted that the lack of contingency and system-recovery plans, along with other cyber weaknesses, has continued to leave institutions vulnerable to ransomware attacks.