Cybersecurity Authorities List Top 15 Flaws Exploited In 2021

Share post:

The cybersecurity authorities of the U.S., Australia, Canada, New Zealand and the U.K. have published a list of the 15 biggest vulnerabilities exploited in 2021.

The list includes Log4Shell (CVE-2021-44228), REST API authentication bypass (CVE-2021-40539), ProxyShell (CVE-2021-34523), ProxyShell (CVE-2021-34473), ProxyShell (CVE-2021-31207), ProxyLogon (CVE-2021-27065), ProxyLogon (CVE-2021-26858), ProxyLogon (CVE-2021-26857), ProxyLogon (CVE-2021-26855).

Other flaws include CVE-2021-26084, CVE-2021-21972, CVE-2020-1472, CVE-2020-0688, CVE-2019-11510 and CVE-2018-13379.

The joint advisory also identified 21 additional vulnerabilities commonly exploited by malicious cyber actors in 2021, including those affecting Accellion File Transfer Appliance (FTA), Windows Print Spooler, and Pulse Secure Pulse Connect Secure.

The 10 most frequently exploited vulnerabilities between 2016 and 2019 were also published by CISA and the FBI.

“CISA and our partners are releasing this advisory to highlight the risk that the most commonly exploited vulnerabilities pose to both public and private sector networks. We urge all organizations to assess their vulnerability management practices and take action to mitigate risk to the known exploited vulnerabilities,” said CISA Director Jen Easterly.

The sources for this piece include an article in BleepingComputer.

SUBSCRIBE NOW

Related articles

North Korean Job Scam Targeting IT Job Seekers

North Korea’s Lazarus advanced persistent threat (APT) group has launched a sophisticated campaign, “Operation 99,” targeting freelance software...

Hackers Exploit FastHTTP in High-Speed Microsoft 365 Attacks

Threat actors are employing the FastHTTP Go library to launch high-speed brute-force password attacks on Microsoft 365 accounts...

The Canadian SHIELD Institute: A New Policy Hub To Drive Canada’s Prosperity

Toronto, Canada – January 16, 2025 The Council of Canadian Innovators (CCI) has announced the launch of The...

YouTubers Targeted As Cyberattackers Hide Infostealers in YouTube Comments, Google Search Results

Attackers have found a new way to infect people seeking pirated or cracked software: planting malicious download links...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways