CVE-2018-7600 Archives

Top 30 most commonly exploited vulnerabilities over 2020 and 2021

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / July 29, 2021 / Atlassian, BIG-IP, Citrix, CVE 2018-13379, CVE 2019-11510, CVE 2019-18935, CVE 2020-15505, CVE 2020-5902, CVE-2017-11882, CVE-2018-13379, CVE-2018-7600, CVE-2019-0604, CVE-2019-11580, CVE-2019-19781, CVE-2019-5591, CVE-2020-0787, CVE-2020-12812, CVE-2020-1472, CVE-2021-21985, CVE-2021-22894, CVE-2021-22899, CVE-2021-27101, CVE-2021-27102, CVE-2021-27103, CVE-2021-27104, Drupal, F5, Fortinet, MobileIron, Netlogon, Office, Pulse, Zerologon

Cybersecurity experts from Australia, U.K., and U.S. governments have released a list of the most commonly exploited vulnerabilities over 2020 and 2021.

Patch these 10 most commonly exploited vulnerabilities

Cybersecurity Articles, Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 20, 2020 / Apache, Citrix, CVE-2012-0158, CVE-2015-1641, CVE-2017-0143, CVE-2017-0199, CVE-2017-11882, CVE-2017-5638, CVE-2017-8759, CVE-2018-4878, CVE-2018-7600, CVE-2019-0604, CVE-2019-11510, CVE-2019-19781, Drupalgeddon2, Flash, Gafgyt, JexBoss, Kitty, LinkedIn, LokiBot, Mirai, Pulse Secure, ROKRAT, SMBGhost, Struts, Zyklon

U.S. government cybersecurity experts are providing guidance on the “top 10” most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.

The top 20 vulnerabilities to patch now (that are most under attack)

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits, Zero-days / By Frank Crast / December 26, 2019 / Apache, BlueKeep, CVE-2012-0158, CVE-2014-8361, CVE-2017-0143, CVE-2017-0199, CVE-2017-10271, CVE-2017-11882, CVE-2017-17215, CVE-2017-5638, CVE-2017-5715, CVE-2017-8570, CVE-2017-8759, CVE-2018-0802, CVE-2018-10561, CVE-2018-12130, CVE-2018-20250, CVE-2018-4878, CVE-2018-7600, CVE-2018-8174, CVE-2019-0708, CVE-2019-2725, IOT, Loki, MDS, Meltdown, Nanocore, Spectre, Struts, Verint, Vulnerabilities, WebLogic, WinRAR, Zyklon

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.

Drupalgeddon2 attack campaign

Cybersecurity Attacks, Vulnerabilities & Exploits / By Frank Crast / October 8, 2019 / Akamai, CMS, CVE-2018-7600, Drupal, Drupalgeddon2

Cyber attackers are exploiting an older Drupal remote code execution vulnerability CVE-2018-7600 dubbed Drupalgeddon2.

Cryptomining campaign exploits Drupalgeddon 2.0 vulnerability

Cybersecurity Attacks, Malware, Vulnerabilities & Exploits / By Frank Crast / May 8, 2018 / Cryptocurrency, Cryptomining, CVE-2018-7600, Drupal, Drupalgeddon

A malicious cryptomining campaign has been targeting hundreds of websites running outdated Drupal content management systems. The new cyber attacks exploit recently revealed vulnerabilities on the Drupal platform, patched for over a month.