The Transform Technology Summits start October 13th with Low-Code/No Code: Enabling Enterprise Agility. Register now!
Google and Microsoft accumulated the most vulnerabilities in the first half of 2021, according to findings from Atlas VPN. Although not all exposures can cause critical damage, hackers could exploit some of them for severe attacks.
Google had 547 accumulated vulnerabilities throughout the first half of 2021. Exploiting Google products like Chrome is popular among cybercriminals. More than 3 billion people use the browser, meaning that more internet users can become victims of the exploits.
Next up, the second most exposures were found in Microsoft products — 432. State-sponsored threat actors from China abused Microsoft Exchange Server vulnerabilities to carry out ransomware attacks. Other attackers would drop cryptocurrency miners from the post-exploit web shells.
Oracle registered 316 total vulnerabilities in the first six months of 2021. Usually, the exploits are found in Oracle WebLogic Server, which functions as a platform for developing, deploying, and running enterprise Java-based applications. The exploited flaws could give access to the affected system for remote attackers.
Some vulnerabilities stand out due to their particular relevance or danger. For example, in the first half of 2021, there were 1,023 vulnerabilities found with a risk level of 10. One of the exploits that applied to such a level is CVE-2021-22986, with a score of 9.8. The vulnerability was found in the security company’s F5, BIG-IP, and BIG-IQ services. Successful exploitation of the flaw allowed to take complete control of the system.
Vulnerabilities with lower scores are either not dangerous or hardly exploitable. However, abusing flaws in Google or Microsoft products allow cybercriminals to probe millions of systems.
The data is based on Telefonica Tech Cybersecurity Report 2021 H1. The report analyzes mobile security and the most common vulnerabilities in today’s cybersecurity landscape.
Read the full report by Atlas VPN.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.
Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more
Source by [author_name]