A caller AtlasVPN study rounds up an inglorious cybersecurity apical 10 of sorts, highlighting the companies that person amassed the astir vulnerabilities successful the archetypal fractional of this year.
A drawstring of caller cyberattacks person hamstrung captious aspects of U.S. infrastructure specified arsenic domestic nutrient and petroleum production, bringing conversations surrounding information beforehand and halfway for companies astir the globe. A caller AtlasVPN study highlights the companies that person amassed the astir information vulnerabilities done the archetypal fractional of 2021.
SEE: Security incidental effect policy (TechRepublic Premium)
Most information vulnerabilities successful 2021
In the archetypal six months of 2021, Google and Microsoft person "accumulated the astir vulnerabilities," according to Atlas VPN findings based connected a caller Telefonica Tech report. Among companies with the astir accumulated information vulnerabilities to commencement 2021, Google claimed the apical spot with 547; followed by Microsoft with 432, per AtlasVPN.
In a post, writer of the study and cybersecurity researcher William S. said "exploiting Google products similar Chrome is fashionable among cybercriminals," making enactment of the ample idiosyncratic base, "meaning that much net users tin go victims of the exploits." As for runner-up Microsoft, William S. said that "state-sponsored menace actors from China abused Microsoft Exchange Server vulnerabilities to transportation retired ransomware attacks," adding that "other attackers would driblet cryptocurrency miners from the post-exploit web shells."
SEE: How to negociate passwords: Best practices and information tips (free PDF) (TechRepublic)
In the 3rd spot, Oracle amassed 316 vulnerabilities with Cisco (200) and SAP (118) rounding retired the apical five. When discussing No. 3 Oracle, William S. said that these exploits are "usually" discovered successful "Oracle WebLogic Server, which functions arsenic a level for developing, deploying and moving endeavor Java-based applications," adding that these "exploited flaws could springiness entree to the affected strategy for distant attackers."
Outside of AtlasVPN's apical 5 companies, there's a marked drop-off successful vulnerabilities for the remainder of the field: IBM (69), Jenkins (68), Apple (67), Linux (65) and Aruba (56).
Microsoft vulnerabilities
Last month, Microsoft sent warnings to "thousands" of the company's unreality computing customers, explaining that "intruders could person the quality to read, alteration oregon adjacent delete their main databases," according to a Reuters study citing a cybersecurity researcher and a transcript of the informing email. Via email, a Microsoft spokesperson told TechRepublic that the institution "fixed this contented instantly to support our customers harmless and protected" and thanked "the information researchers for moving nether Coordinated Vulnerability Disclosure."
2021 ransomware payouts
In the archetypal six months of 2021, ransomware payments surged 82% to $570,000 connected average, according to Unit 42's Ransomware Threat Report. In the aftermath of the Colonial Pipeline attack, the institution paid DarkSide hackers much than $4 million, according to a Wall Street Journal interrogation with the CEO. Following the JBS attack, the institution paid the REvil radical $11 million.
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and Thursdays
Sign up todayAlso spot
- The apical keywords utilized successful phishing email taxable lines (TechRepublic)
- Security threats connected the horizon: What IT pro's request to cognize (free PDF) (TechRepublic)
- Checklist: Securing integer information (TechRepublic Premium)
- Cybersecurity and cyberwar: More must-read coverage (TechRepublic connected Flipboard)