• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

Malware Developers Are Targeting These 10 2021 Security Bugs

Research from Skybox Security finds that security 2021 bugs in Log4j and Exchange Server are the most targeted by malware developers.

April 13, 2022 Zachary Comeau Leave a Comment

Log4j, Older Vulnerabilities, CISA KEV
stock.adobe.com/Andreas Prott

Security analysts at Skybox Security uncovered a 42% increase in new ransomware programs targeting known vulnerabilities last year, including critical vulnerabilities discovered in Log4j and Exchange Server.

The San Jose, Calif. cybersecurity company’s 2022 Vulnerability and Trends Report, released this week, details how quickly hackers capitalize on new security bugs and continue to reduce the amount of time that organizations have to remediate vulnerabilities ahead of attacks.

According to Skybox Research Lab, the company’s threat intelligence division, there were 20,175 new vulnerabilities published in 2021, which is up significantly from 18,341 published in 2020 and the most ever reported in a single year.

In addition, that increase in new vulnerabilities is the largest year-over-year increase since 2018.

The company listed 10 vulnerabilities disclosed in 2021 and the number of malware programs targeting them, with the Log4j remote code execution vulnerability, dubbed Log4Shell, top among them with 15 malware programs targeting the bug.

Seven of the listed bugs are Microsoft Exchange Server issues, including code execution, elevation of privilege, arbitrary file write flaws and more.

The other two vulnerabilities are remote code execution flaws in Pulse Connect Secure and Atlassian Confluence.

Those 10 bugs, ranked in order, include:

  • CVE-2021-44228 – Apache Log4j Critical Remote Code Execution Vulnerability (Log4Shell)
  • CVE-2021-26855 – Microsoft Exchange Server Remote SSRF Vulnerability
  • CVE-2021-27065 – Microsoft Exchange Server Remote Arbitrary File Write Vulnerability
  • CVE-2021-26857 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-26858 – Microsoft Exchange Server Remote Arbitrary File Write Vulnerability
  • CVE-2021-34523 – Microsoft Exchange Server Elevation of Privilege Vulnerability
  • CVE-2021-34473 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-22893 – Pulse Connect Secure Remote Code Execution Vulnerability
  • CVE-2021-26084 – Atlassian Confluence Remote Code Execution Vulnerability (Confluenza)
  • CVE-2021-31207 – Microsoft Exchange Server Security Feature Bypass Vulnerability

The company’s report also found that crypto hacking and ransomware programs are leading the charge, with increases of 75% and 42%, respectively, as cybercriminals continue to conduct attacks designed to turn a quick profit.

“Both cases illustrate how the malware industry is getting better at leveraging emerging business opportunities, providing a range of tools and services used by seasoned cybercriminals and inexperienced newbies alike,” the report says.

The company’s research indicates that malware developers are moving quickly to target newly disclosed vulnerabilities.

Skybox Security’s report also details just how quickly attackers exploit vulnerabilities and how much faster they are at developing attacks to exploit them. According to the report, 168 bugs published in 2021 were exploited within in the year, a 24% increase from 2020. That puts security teams in a squeeze as they have a limited amount of time to remediate the bugs once they are published.

The company urges organizations to take a different approach to vulnerability risk rather than just relying on the CVSS score, including advanced risk scoring. That means grading security bug risk based on four factors:

  • Measured CVSS severity
  • Likelihood of exploitation
  • Exposure level based on security controls and configurations in place on the network
  • Importance of the asset

The company also advises companies to take a holistic discovery approach to vulnerabilities, more precisely prioritize patches, conduct targeted mitigation and remediation and automate security functions to keep oversight ongoing.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Malware, Patch management, Skybox Security, Vulnerabilities

Related Content:

  • AI Automation burnout What is It About AI That Brings Excitement,…
  • A woman on a videoconference call, AI, videoconferencing AI’s Revolutionary Impact on the Videoconferencing Experience
  • People using Jabra videobar with Microsoft Intelligent Speaker feature. Jabra Integrates Microsoft Intelligent Speaker Feature in its…
  • Shure logo Shure Microflex Advance MXA920 & MXA902 Receive Google…

Free downloadable guide you may like:

  • Creating Great User Experience and Ultimate Flexibility with Clickshare

    Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When designing the office spaces – and meeting spaces in particular – enabling that connection between co-workers is crucial. Introducing the right collaboration technology in meeting spaces is the biggest challenge for IT managers […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Advertise with Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSDO NOT SELL MY PERSONAL INFORMATIONTERMS OF USEPRIVACY POLICY

© 2023 Emerald X, LLC. All rights reserved.