The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that hackers are now taking advantage of vulnerabilities coming from top tech companies like Microsoft, Oracle, Apache and Apple, among others. “These types of vulnerabilities are a frequent attack vector for malicious cyber actors of all types and pose significant risk to the federal enterprise,” CISA said in a statement.
CISA added 15 major flaws to its “Known Exploited Vulnerabilities Catalog”, which the US cyber security arm releases every year. Most of the vulnerabilities were disclosed in 2014, 2015, 2016, 2017, 2018 and 2020. These exploits impact Windows, Jenkins, Apache Struts and ActiveMQ, Oracle’s WebLogic, Microsoft Office, D-Link routers, and Apple’s OS X operating system.
The most recent Microsoft vulnerability CVE-2021-36934, that Microsoft patched in August 2021 was also added to the list. CVE is short for Common Vulnerabilities and Exposures. It is a list of publicly disclosed computer security flaws. It should be noted that Microsoft had initially released workarounds and…
