The United States warns that more than 60 holes are in use in current cyber attacks
2 min read
The US government has made a major update to its list of security holes most actively used by cybercriminals with 66 vulnerabilities. Utilize all of the large-scale scams against companies and public organizations in the country and carry out updates as soon as possible with the request of authorized agencies and companies.
In the public sphere, for example, the CISA (Cyber Security and Infrastructure Agency for Free Translation) also provides technical support, with the deadline for mitigation extending to April 15. Indicates the need for alertness, use of updates, configurations and mitigation to be done quickly; In most cases, the holes included in the list already have links, the oldest being discovered in 2005 and still being used in cyber criminal attacks.
The most recent, for example, includes openings on the remote printing system from February this year Microsoft. With them, the malicious code can be activated by the attacker remotely, starting July 2021 in a series of vulnerabilities known as PrintNightmare. That said, all versions of Windows have had patches from last month to close such holes.
Want to stay in the best tech news of the day? Subscribe to our new YouTube channel, Canaltech News. Here is a summary of the top news in the tech world every day for you!
Also on the list are openings on Mitel connected devices, which can be used to amplify service denial, and vulnerabilities in Adobe Reader and Acrobat, phpMyAdmin, Hewlett Packard OpenView and many more. In all cases involving the Software, it is recommended that immediate updates and mitigation measures be used.
Adding 66 vulnerabilities does not mean that they are all actively exploited against US companies and government agencies, but that if they are not included yet, they may come soon. In addition, such disclosures, even if they number in the dozens, are made step by step as a way to ensure well-fitted fixes, without overburdening system administrators and digital security professionals.
As of this writing, there are 570 holes in the CISA’s list of known vulnerabilities, all with indications for repair and mitigation. The list is updated from time to time or when widespread vulnerability is detected, especially when it involves the possibility of attacks against essential service providers and infrastructure.
Source: CISA
“Communicator. Award-winning creator. Certified twitter geek. Music ninja. General web evangelist.”
