New information on various cyber threats was published this week by security researchers and the Cybersecurity and Infrastructure Security Agency (CISA). Here’s a rundown of the attacks and some recommendations on how to protect against them.
This week, CISA added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, highlighting security vulnerabilities that bad actors are actively exploiting. Malicious cyber attackers use these vulnerabilities often, posing a substantial risk to governments and private organizations.
The new risks identified by various security researchers and CISA are:
* SonicWall SonicOS Buffer Overflow Vulnerability
* Microsoft Windows UPnP Service Privilege Escalation Vulnerability
* Microsoft Windows Privilege Escalation Vulnerability
* Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability
* Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability
* Microsoft Windows AppXSVC Privilege Escalation Vulnerability
* Microsoft Task Scheduler Privilege Escalation Vulnerability
* Microsoft Windows AppXSVC Privilege Escalation Vulnerability
* Microsoft Windows AppXSVC Privilege Escalation Vulnerability
* Microsoft Windows Privilege Escalation Vulnerability
* Microsoft Win32k Privilege Escalation Vulnerability
* Microsoft Windows Transaction Manager Privilege Escalation Vulnerability
* Microsoft Windows Kernel Privilege Escalation Vulnerability
* Microsoft Win32k Memory Corruption Vulnerability
* Microsoft Win32k Privilege Escalation Vulnerability