    15 million public-facing services vulnerable to CISA KEV flaws

May 23, 2023 (updated May 23, 2023)

    Over 15 million publicly facing services are susceptible to at least one of the 896 vulnerabilities listed in CISA’s KEV (known exploitable vulnerabilities) catalog.

    This massive number is reported by cybersecurity company Rezilion, which conducted large-scale research to identify vulnerable systems exposed to cyberattacks from threat actors, whether state-sponsored or ransomware gangs.

    Rezilion’s findings are particularly worrying because the examined vulnerabilities are known and highlighted in CISA’s KEV catalog as actively exploited by hackers, so any delays in their patching maintain a large attack surface, giving threat actors numerous potential targets.

    Exposed to attacks

    Rezilion used the Shodan web scanning service to find endpoints that are still vulnerable to CVEs added to CISA’s Known Exploitable Vulnerabilities Catalog.

Using custom search queries, the researchers found 15 million instances vulnerable to 200 CVEs from the catalog.

Over half of those (7 million instances) were vulnerable to one of the 137 CVEs concerning Microsoft Windows, making this component a top priority for defenders and an excellent target for attackers.

    Excluding Windows, Rezilion has identified the following top-ten CVEs:

[Figure: Most frequently found CVEs in exposed endpoints (Rezilion)]

Almost half of those CVEs are over five years old, meaning roughly 800,000 machines have gone without security updates for a significant period of time.

    “Overall, over 4.5 million internet-facing devices were identified as vulnerable to KEVs discovered between 2010 and 2020,” comments Rezilion in the report.

    “It is very concerning that these machines did not patch the relevant published updates for years even though a patch was released, and these vulnerabilities are known to be exploited in the wild.”

    Some notable CVEs highlighted in the Rezilion report are:

• CVE-2021-40438: a medium-severity information disclosure flaw that appears in almost 6.5 million Shodan results, impacting Apache HTTPD servers v2.4.48 and older.
• ProxyShell: a set of three vulnerabilities impacting Microsoft Exchange, which Iranian APTs chained together for remote code execution attacks in 2021. Shodan returns 14,554 results today.
• ProxyLogon: a set of four flaws impacting Microsoft Exchange, which Russian hackers extensively leveraged in 2021 against U.S. infrastructure. There are still 4,990 systems vulnerable to ProxyLogon, according to Shodan, with 584 located in the U.S.
• Heartbleed (CVE-2014-0160): a medium-severity flaw impacting OpenSSL that allows attackers to leak sensitive information from process memory. According to Shodan, 190,446 systems are still vulnerable to this flaw.

Note that for CVE-2021-40438, the large count corresponds to the number of websites/services running on Apache rather than individual devices, since many websites can be hosted on a single server.

[Figure: Shodan results for ProxyLogon (Rezilion)]

It is also important to underline that Rezilion’s estimate of 15 million exposed endpoints is conservative: it counts only deduplicated results and leaves out cases for which the researchers could not craft queries that narrowed down product versions.

Rezilion also told BleepingComputer that it did not rely solely on Shodan’s built-in CVE searches for its research but created custom search queries that determined the versions of software running on devices.

“For some of the vulnerabilities we have Shodan’s inherent tags, but mostly we conducted our own analysis which included identifying the specific vulnerable versions for every affected product and designing specific Shodan queries that will allow us to identify indications of these versions in the metadata visible to Shodan,” explained Rezilion’s director of vulnerability research, Yotam Perkal, to BleepingComputer.
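The version-matching approach Perkal describes applies equally to a defender's own external inventory: pull the metadata a scanner already sees (here, HTTP Server headers), extract product and version, and compare it against the affected range for each KEV entry. The script below is an added illustration written for this article, not Rezilion's tooling or its queries. The hostnames and banners are constructed sample data; the only affected-version rule is the one the article states for CVE-2021-40438 (Apache httpd 2.4.48 and older), and the rule table is an assumed format rather than any real feed.

```python
import re
from dataclasses import dataclass

# Constructed sample: HTTP response headers captured from an organisation's own
# internet-facing hosts (hypothetical hostnames; not data from the article).
SAMPLE_BANNERS = {
    "web-01.example.net": "HTTP/1.1 200 OK\r\nServer: Apache/2.4.48 (Ubuntu)\r\n\r\n",
    "web-02.example.net": "HTTP/1.1 200 OK\r\nServer: Apache/2.4.57 (Debian)\r\n\r\n",
    "web-03.example.net": "HTTP/1.1 200 OK\r\nServer: Apache/2.4.29\r\n\r\n",
    "lb-01.example.net": "HTTP/1.1 200 OK\r\nServer: nginx/1.24.0\r\n\r\n",
    "app-01.example.net": "HTTP/1.1 200 OK\r\nServer: Apache\r\n\r\n",  # version hidden
}


@dataclass(frozen=True)
class Rule:
    """Assumed rule shape: a CVE affects `product` up to and including `max_affected`."""
    cve: str
    product: str
    max_affected: tuple


# The Apache httpd bound follows the article (CVE-2021-40438: 2.4.48 and older);
# further rules would be filled in from vendor advisories.
RULES = [Rule("CVE-2021-40438", "apache", (2, 4, 48))]

# Product token, optionally followed by "/x.y.z"; anchored to a header line.
SERVER_RE = re.compile(r"^Server:\s*([A-Za-z][\w.-]*)(?:/(\d+(?:\.\d+)*))?", re.I | re.M)


def parse_version(text):
    """'2.4.48' -> (2, 4, 48), so tuples compare numerically, not lexically."""
    return tuple(int(part) for part in text.split("."))


def extract_product(banner):
    """Return (product, version tuple or None) from a Server header, or None if absent."""
    m = SERVER_RE.search(banner)
    if not m:
        return None
    product = m.group(1).lower()
    version = parse_version(m.group(2)) if m.group(2) else None
    return product, version


def match_rules(banner, rules=RULES):
    """CVE ids whose affected range covers the banner's version.

    A banner with no version yields no match: like the report, hosts whose
    version cannot be narrowed down are left out rather than guessed. A
    truncated version such as '2.4' compares below '2.4.48' and is flagged
    for manual verification.
    """
    parsed = extract_product(banner)
    if parsed is None or parsed[1] is None:
        return []
    product, version = parsed
    return [r.cve for r in rules if r.product == product and version <= r.max_affected]


def assess(banners, rules=RULES):
    """Map host -> matched CVEs, omitting hosts with no match."""
    findings = {}
    for host, banner in banners.items():
        hits = match_rules(banner, rules)
        if hits:
            findings[host] = hits
    return findings


if __name__ == "__main__":
    for host, cves in assess(SAMPLE_BANNERS).items():
        print(f"{host}: {', '.join(cves)}")
```

Run against the sample, only the two Apache hosts at or below 2.4.48 are reported; the host that hides its version is skipped, which is the same conservative bias the article attributes to Rezilion's 15 million figure.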

    Exploitation attempts

Exposure is one thing, but interest from hackers is another. To gauge this, Rezilion used data from GreyNoise, which monitors and categorizes vulnerability exploitation attempts.

At the top of the list of most-exploited flaws is CVE-2022-26134, with 1,421 results in GreyNoise and 816 exploitation attempts in the past month.

[Figure: GreyNoise exploitation graph for CVE-2022-26134 (Rezilion)]

This critical-severity flaw in Atlassian Confluence Server and Data Center allows a remote attacker to execute an Object-Graph Navigation Language (OGNL) expression on the vulnerable instance.

Other flaws ranking high in the list include CVE-2018-13379, a pre-authentication arbitrary file read flaw impacting FortiOS devices, which has 331 results on GreyNoise, and Log4Shell, a code execution bug in Log4j 2 that had 66 exploitation attempts in the past month.

[Figure: KEV flaws drawing the most exploitation attempts]

Patching all flaws in your environment is the obvious solution to these risks. However, if this is a complicated task for your organization, prioritizing critical flaws in your environment or placing the affected systems behind a firewall should be the way to go.

    Rezilion says that flaws in Microsoft Windows, Adobe Flash Player, Internet Explorer, Google Chrome, Microsoft Office, and Win32k make up one-fourth of CISA’s KEV catalog, so those products would be a good starting point.
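The prioritization advice above can be made mechanical: KEV membership, internet exposure, CISA's remediation due date and how long a flaw has been listed are all data a defender already has. The script below is an added example written for this article, not Rezilion's method or CISA's tooling. The catalog excerpt uses the field names of CISA's public KEV JSON feed (cveID, vendorProject, product, dateAdded, dueDate) but the records are a constructed subset with illustrative dates; the scanner findings, hostnames and the CVE-2023-00000 placeholder id are likewise constructed.

```python
import json
from datetime import date

# Constructed catalog excerpt in the shape of CISA's KEV JSON feed. Field names
# match the feed; dateAdded/dueDate values are illustrative, not copied from it.
KEV_JSON = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2022-26134", "vendorProject": "Atlassian",
     "product": "Confluence Server and Data Center",
     "dateAdded": "2022-06-02", "dueDate": "2022-06-06"},
    {"cveID": "CVE-2018-13379", "vendorProject": "Fortinet", "product": "FortiOS",
     "dateAdded": "2021-11-03", "dueDate": "2022-05-03"},
    {"cveID": "CVE-2021-40438", "vendorProject": "Apache", "product": "HTTP Server",
     "dateAdded": "2021-12-01", "dueDate": "2021-12-15"},
    {"cveID": "CVE-2014-0160", "vendorProject": "OpenSSL", "product": "OpenSSL",
     "dateAdded": "2022-05-04", "dueDate": "2022-05-25"},
    {"cveID": "CVE-2021-44228", "vendorProject": "Apache", "product": "Log4j2",
     "dateAdded": "2021-12-10", "dueDate": "2021-12-24"},
]})

# Constructed scanner findings for an organisation's own assets (hypothetical hosts).
# CVE-2023-00000 is a placeholder id standing in for a flaw that is not in the KEV.
FINDINGS = [
    {"host": "vpn-01", "cve": "CVE-2018-13379", "cvss": 9.8, "internet_facing": True},
    {"host": "wiki-01", "cve": "CVE-2022-26134", "cvss": 9.8, "internet_facing": False},
    {"host": "web-03", "cve": "CVE-2021-40438", "cvss": 9.0, "internet_facing": True},
    {"host": "build-02", "cve": "CVE-2023-00000", "cvss": 9.9, "internet_facing": True},
    {"host": "lb-07", "cve": "CVE-2014-0160", "cvss": 7.5, "internet_facing": True},
]


def load_kev(text):
    """Index KEV records by CVE id."""
    return {v["cveID"]: v for v in json.loads(text)["vulnerabilities"]}


def product_share(kev, products):
    """Fraction of the catalog covered by the named products (case-insensitive).
    This is the kind of figure behind the article's 'one-fourth of the KEV' remark."""
    wanted = {p.lower() for p in products}
    hits = sum(1 for v in kev.values() if v["product"].lower() in wanted)
    return hits / len(kev) if kev else 0.0


def priority_key(finding, kev, today):
    """Sort key: KEV-listed first, then internet-facing, then past CISA due date,
    then longest-listed, then highest CVSS. Lower tuples sort first."""
    rec = kev.get(finding["cve"])
    in_kev = rec is not None
    overdue = in_kev and date.fromisoformat(rec["dueDate"]) < today
    listed_days = (today - date.fromisoformat(rec["dateAdded"])).days if in_kev else 0
    return (not in_kev, not finding["internet_facing"], not overdue,
            -listed_days, -finding["cvss"])


def prioritize(findings, kev, today):
    """Return the findings ordered by patching priority."""
    return sorted(findings, key=lambda f: priority_key(f, kev, today))


def patch_order(findings=FINDINGS, kev_text=KEV_JSON, today=date(2023, 5, 23)):
    """(host, cve) pairs in the order they should be remediated."""
    kev = load_kev(kev_text)
    return [(f["host"], f["cve"]) for f in prioritize(findings, kev, today)]


if __name__ == "__main__":
    for host, cve in patch_order():
        print(host, cve)
```

With the sample data, the three internet-facing KEV entries come first (ordered by how long they have been listed), the internal Confluence host follows, and the non-KEV finding lands last despite having the highest CVSS score, which is the point of using exploitation evidence rather than severity alone.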

© 2023 Tech Biz Web. Developed by Sawah Dev.