Prime 15 Vulnerabilities Attackers Exploited Thousands and thousands of Instances to Hack Linux Programs

Near 14 million Linux-based programs are immediately uncovered to the Web, making them a profitable goal for an array of real-world assaults that might outcome within the deployment of malicious internet shells, coin miners, ransomware, and different trojans.

That is in response to an in-depth take a look at the Linux menace panorama printed by U.S.-Japanese cybersecurity agency Trend Micro, detailing the highest threats and vulnerabilities affecting the working system within the first half of 2021, based mostly on information amassed from honeypots, sensors, and anonymized telemetry.

The corporate, which detected practically 15 million malware occasions geared toward Linux-based cloud environments, discovered coin miners and ransomware to make up 54% of all malware, with internet shells accounting for a 29% share.

Stack Overflow Teams

As well as, by dissecting over 50 million occasions reported from 100,000 distinctive Linux hosts throughout the identical time interval, the researchers discovered 15 completely different safety weaknesses which can be recognized to be actively exploited within the wild or have a proof of idea (PoC) —

  • CVE-2017-5638 (CVSS rating: 10.0) – Apache Struts 2 distant code execution (RCE) vulnerability
  • CVE-2017-9805 (CVSS rating: 8.1) – Apache Struts 2 REST plugin XStream RCE vulnerability
  • CVE-2018-7600 (CVSS rating: 9.8) – Drupal Core RCE vulnerability
  • CVE-2020-14750 (CVSS rating: 9.8) – Oracle WebLogic Server RCE vulnerability
  • CVE-2020-25213 (CVSS rating: 10.0) – WordPress File Supervisor (wp-file-manager) plugin RCE vulnerability
  • CVE-2020-17496 (CVSS rating: 9.8) – vBulletin ‘subwidgetConfig’ unauthenticated RCE vulnerability
  • CVE-2020-11651 (CVSS rating: 9.8) – SaltStack Salt authorization weak spot vulnerability
  • CVE-2017-12611 (CVSS rating: 9.8) – Apache Struts OGNL expression RCE vulnerability
  • CVE-2017-7657 (CVSS rating: 9.8) – Eclipse Jetty chunk size parsing integer overflow vulnerability
  • CVE-2021-29441 (CVSS rating: 9.8) – Alibaba Nacos AuthFilter authentication bypass vulnerability
  • CVE-2020-14179 (CVSS rating: 5.3) – Atlassian Jira info disclosure vulnerability
  • CVE-2013-4547 (CVSS rating: 8.0) – Nginx crafted URI string dealing with entry restriction bypass vulnerability
  • CVE-2019-0230 (CVSS rating: 9.8) – Apache Struts 2 RCE vulnerability
  • CVE-2018-11776 (CVSS rating: 8.1) – Apache Struts OGNL expression RCE vulnerability
  • CVE-2020-7961 (CVSS rating: 9.8) – Liferay Portal untrusted deserialization vulnerability

Much more troublingly, the 15 mostly used Docker pictures on the official Docker Hub repository has been revealed to harbor a whole bunch of vulnerabilities spanning throughout python, node, wordpress, golang, nginx, postgres, influxdb, httpd, mysql, debian, memcached, redis, mongo, centos, and rabbitmq, underscoring the necessity to secure containers from a variety of potential threats at every stage of the event pipeline.

“Customers and organizations ought to at all times apply safety finest practices, which embody using the safety by design strategy, deploying multilayered digital patching or vulnerability shielding, using the precept of least privilege, and adhering to the shared duty mannequin,” the researchers concluded.

Source link