"These Cybersecurity Vulnerabilities Are Most Popular With Hackers Right Now - Have You Patched Them?"
One of the most common security flaws exploited by cybercriminals in recent months is a software flaw in Microsoft Office that is more than five years old, and it continues to be exploited because many businesses have yet to apply the available security update. According to Digital Shadows' analysis, the most frequently discussed vulnerability among cybercriminals on underground forums over the last three months is CVE-2017-11882, a security flaw in Microsoft Office first disclosed in 2017. If successfully exploited, this vulnerability allows cybercriminals to execute remote code on a vulnerable Windows system, thus enabling them to secretly drop malware onto the machine. Malware delivered in CVE-2017-11882 attacks includes Formbook, which secretly provides attackers with remote access, keystroke logging, and screenshot capabilities, putting victims at risk of having their usernames and passwords stolen. The vulnerability is also linked to the distribution of Redline malware, which steals usernames, passwords, and credit card information, as well as the contents of cryptocurrency wallets and chat logs. CVE-2017-11882 attacks often begin with phishing emails designed to trick victims into opening malicious documents triggering the bug. Although a security patch for CVE-2017-11882 has been available for several years, the vulnerability is still widespread enough that cybercriminals frequently exploit it. Because of dependencies or preferences, many organizations continue to use these older technologies. According to Nicole Hoffman, senior cyber threat intelligence analyst at Digital Shadows, the continued use of legacy systems is why these older vulnerabilities live on and are actively exploited years later. Follina (CVE-2022-30190), a high-severity zero-day vulnerability in Microsoft Word that emerged earlier this year, was the second most popular vulnerability during the reporting period. Follina enables attackers to execute remote code and deploy malware in order to gain system access. State-sponsored hacking groups and cybercriminal gangs have actively exploited the Follina vulnerability. This article continues to discuss some of the security flaws most associated with recent attacks.