The United States Cybersecurity and Infrastructure Security Agency (CISA) announced on April 7, 2023 five security flaws that have been added to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence these vulnerabilities are being actively exploited and could impact your business.
The vulnerabilities outlined in the recent release affect popular technologies from Veritas and Apple.
Veritas is an international data management company which offers data protection software known as Veritas Backup Exec. This software allows for data backup and recovery for information stored physically, virtually or in the cloud. The three vulnerabilities occurred in the Backup Exec Agent, which is installed on a company’s systems to collect data and send it to a backup server. Veritas has released a patch for this vulnerability along with installation instructions, which should be followed as soon as possible, if you are using this software.
Vulnerabilities on critical servers can put sensitive information at risk and should be addressed quickly. The Backup Exec Agent uses administrator privileges to back up files on a server. When an attacker exploits it, they have access to these privileges. Any sensitive data stored on the server will be exposed to theft or ransomware attack. If the server has access to other resources on the network, it may be used to launch additional attacks.
Apple, a multinational technology company, has two vulnerabilities affecting its products that allow attackers to run commands on a user’s device. The first allows an attacker to create malicious web content exploiting flaws in a user’s web browser. The second utilizes a malicious app that exploits the device to run sensitive commands not normally available to apps. These vulnerabilities affect many iOS, iPadOS and macOS devices. If you are operating on one of these devices, you should update them as soon as possible to receive the appropriate patches from Apple.
Employees increasingly rely on mobile devices to access email, chat with coworkers, and access internal resources. Like a workstation, company-owned mobile devices should be configured to ensure web access is filtered and only approved apps are installed. These restrictions greatly reduce the likelihood of an employee interacting with malicious content. If personal devices are being used to access work resources, establish a Bring Your Own Device (BYOD) policy that sets forth clear requirements for configuring and patching the device.
The KEV Catalog
The KEV catalog is a living list managed by CISA of known common vulnerabilities and exposures (CVE) that attackers are currently exploiting or attempting to exploit.
This catalog helps organizations better manage vulnerabilities by sharing descriptions of the threats and actions your business can take to mitigate them. By reviewing and monitoring the KEV catalog, organizations can prioritize remediation of the listed vulnerabilities to reduce the likelihood of compromise. To make sure a threat is never missed, we recommend you have your internal technology support team subscribe to the catalog. The KEV catalog should be used as an input into your organization’s vulnerability management prioritization framework.
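One way to use the catalog as a prioritization input, shown as an added example that is not part of the original article: scanner findings are joined against KEV entries so that confirmed-exploited CVEs outrank everything else and are ordered by due date. The field names follow CISA's published KEV JSON feed; the CVE IDs, hosts, scores and the `prioritize` function are constructed placeholders.

```python
import json
from datetime import date

# Constructed sample in the shape of CISA's KEV JSON feed. Field names follow
# the published feed; the CVE IDs and values are placeholders, not real entries.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor", "product": "Backup Agent",
   "dateAdded": "2023-04-07", "dueDate": "2023-04-28", "requiredAction": "Apply vendor updates."},
  {"cveID": "CVE-0000-0002", "vendorProject": "ExampleVendor", "product": "Mobile OS",
   "dateAdded": "2023-04-10", "dueDate": "2023-05-01", "requiredAction": "Apply vendor updates."}
]}
""")

# Constructed scanner findings: (host, CVE, CVSS base score).
FINDINGS = [
    ("web01", "CVE-0000-0009", 9.8),
    ("bkp01", "CVE-0000-0001", 7.5),
    ("ipad-17", "CVE-0000-0002", 8.8),
    ("db02", "CVE-0000-0008", 6.1),
]

def prioritize(findings, kev, today):
    """Order findings: KEV-listed first (earliest due date first), then the rest by CVSS."""
    index = {v["cveID"]: v for v in kev["vulnerabilities"]}
    ranked = []
    for host, cve, cvss in findings:
        entry = index.get(cve)
        due = date.fromisoformat(entry["dueDate"]) if entry else None
        ranked.append({
            "host": host, "cve": cve, "cvss": cvss,
            "in_kev": entry is not None,
            "due": due,
            "overdue": bool(due and due < today),
            "action": entry["requiredAction"] if entry else None,
        })
    # KEV membership outranks CVSS because exploitation is already confirmed.
    ranked.sort(key=lambda r: (not r["in_kev"], r["due"] or date.max, -r["cvss"]))
    return ranked

if __name__ == "__main__":
    for r in prioritize(FINDINGS, KEV_SAMPLE, date(2023, 4, 30)):
        flag = "KEV" if r["in_kev"] else "   "
        late = " OVERDUE" if r["overdue"] else ""
        print(f'{flag} {r["host"]:8} {r["cve"]} cvss={r["cvss"]} due={r["due"]}{late}')
```

Note that the 9.8-scored finding lands third: a lower-scored CVE with confirmed exploitation is remediated first.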
How We Can Help
The evolving cybersecurity threat landscape can be overwhelming to navigate. Our highly credentialed and experienced team at Beene Garter, A Doeren Mayhew Firm can work with you to scan your network for vulnerabilities, show you exactly how an attacker could exploit them and create a comprehensive remediation plan. Regardless of your current cybersecurity posture, we can help you implement strategies to combat attacks, positioning your organization to turn risks into opportunities.
Want to learn more about our cybersecurity solutions?