Network security chronicle - Summary of vulnerability exploitation events in 2021

2022-06-23 03:02:00 Rain bamboo shoot Education

In the Internet era, everything is connected. While people enjoy the benefits of digital life, hidden security vulnerabilities pose a constant threat. Technology is a double-edged sword, and vulnerabilities will accompany the continuous development of information technology. Correspondingly, some hackers keep improving their vulnerability exploitation techniques, and attacks have become more frequent.

A survey report issued by network security company Check Point Research indicates that in 2021 the number of network attacks against enterprises each week increased 50% year-on-year compared with 2020. Most notable was the "nuclear bomb" Log4J vulnerability that broke out at the end of the year, with millions of attacks attempting to exploit it every hour.

A review of the major news events of the past year shows that traditional technology giants are still the key targets of vulnerability exploitation. These enterprises hold the most valuable data, which makes them hackers' "hot commodity". At the same time, as the COVID-19 outbreak continues and medical treatment and distance education grow, vulnerability attacks on these systems related to people's livelihood are also increasing rapidly.

Now, let's look back and take stock of 30 representative exploit events of 2021 for the industry, and even for society as a whole.

1. TikTok vulnerability exposes users' personal data and phone numbers

In January 2021, network security researchers revealed a security vulnerability in TikTok that has since been fixed. The vulnerability may have allowed an attacker to build a database of the application's users and their associated phone numbers for future malicious activities.

2. Apple warning: 3 iOS 0day vulnerabilities exposed, may have been widely exploited

Apple released iOS, iPadOS and tvOS updates to fix the vulnerabilities, but the 3 vulnerabilities involved may already have been widely exploited. They can enable attackers to elevate their privileges to achieve remote control.

3. Unpatched WordPress plug-in code injection vulnerability affects 5 million websites

Contact Form 7 Style, a WordPress plug-in installed on more than 50,000 sites, was found to have a security vulnerability that may allow an attacker to inject malicious JavaScript into the victim website.

4. Telegram vulnerability may allow access to a user's secret chats

Telegram was revealed to have a vulnerability in its application that may expose users' secret messages, photos and videos to remote attackers.

5. Serious vulnerabilities exposed in Microsoft's enterprise email product Exchange Server

On March 3, Microsoft said that a hacker organization thought to have a government background was targeting Microsoft's enterprise e-mail product Exchange Server. The vulnerability exploited by the organization is the zero-day vulnerability discovered by network security company Volexity Inc. at the beginning of January. Microsoft said these 4 vulnerabilities have been fixed.

6. Researchers find a zero-day vulnerability in a plug-in that can be used to take over WordPress websites

Researchers from the Wordfence team said on Monday, March 10, that a zero-day vulnerability was found in The Plus Addons for Elementor WordPress plug-in. The vulnerability can be exploited to gain website administration rights and take over the website. Researchers warn that this zero-day vulnerability has been exploited in the wild.

7. WeChat exposed to a high-risk 0day vulnerability

On April 16, the WeChat PC client was revealed to have a high-risk 0day vulnerability being exploited in the wild. Hackers only need to send a specially crafted web link via WeChat. Once the user clicks the link, the WeChat PC (Windows) process wechatweb.exe loads and executes shellcode. The whole process is fileless and no new process is created.

8. New Facebook vulnerability exposed: users' e-mail information can be collected

At the beginning of April, hackers publicly released a data set containing the personal information of 5.3 billion Facebook users. The company subsequently admitted the data leak, but said that users affected by this vulnerability will not be notified.

9. Experts find a vulnerability in Apple's AirDrop that may disclose users' personal information

At the end of April, a team of researchers from the Secure Mobile Networking Lab (SEEMOO) and the Cryptography and Privacy Engineering Group (ENCRYPTO) at Darmstadt University of Technology studied Apple AirDrop and discovered a serious privacy leak. It may expose users' contact information, such as e-mail addresses and telephone numbers.

10. Nvidia warns: serious security vulnerabilities in GPU drivers and vGPU software

Nvidia has disclosed a set of security vulnerabilities in the Nvidia graphics processing unit (GPU) display driver, which may expose gamers and others to privilege escalation attacks, arbitrary code execution, denial of service (DoS) and information disclosure.

11. Qualcomm chip vulnerability affects 30% of mobile phones around the world

On May 8, it was reported that a vulnerability in the Qualcomm 5G modem data service may allow hackers to remotely attack Android users by injecting malicious code into the phone's modem, gaining the ability to execute code, access the call records and SMS messages of mobile users, and eavesdrop on calls.

12. Hackers paralyze the computer systems of the Irish health service

On May 14, the Irish health service suffered a serious ransomware attack, and its computer systems had to be shut down. Dell issued a security announcement saying it had fixed a driver vulnerability that had existed for 12 years. The vulnerability is expected to affect hundreds of millions of Dell devices. From desktops to the latest Alienware machines and laptops, about 380 device models have been affected.

13. Serious Windows HTTP vulnerability affects WinRM servers

There is an exploitable vulnerability in the HTTP protocol stack of Windows IIS servers. This vulnerability can also be used to attack unpatched Windows 10 and server systems that publicly expose the WinRM (Windows Remote Management) service.

14. Apple fixes 2 WebKit vulnerabilities used to attack older iPhones

Apple has released an out-of-band iOS update for iPhone and iPad, and warned that attackers are actively exploiting two vulnerabilities in WebKit.

15. Experts find a vulnerability that can bypass Windows Hello and log in to computers running Windows 10

Security researchers at CyberArk Labs have discovered a security bypass vulnerability, numbered CVE-2021-34466, that affects the Windows Hello face authentication process. An attacker can use this vulnerability to log in to systems running the Windows 10 operating system.

16. Serious defects in the Philips Vue PACS medical imaging system

According to disclosures, some vulnerabilities in the Philips Vue PACS medical imaging system may be exploited by an attacker to control the affected system, for example to view or modify data, gain system access, execute code, or install unauthorized software.

17. Google: four 0day vulnerabilities are being actively exploited, LinkedIn users attacked

Google's security team shared information on 4 new 0day vulnerabilities. Google also revealed that a Russia-linked APT organization is exploiting a Safari zero-day vulnerability to attack LinkedIn users.

18. A 16-year-old security vulnerability affects millions of HP, Samsung and Xerox printers

A security vulnerability that has existed for 16 years was found in the printer drivers of HP, Xerox and Samsung. It allows an attacker to use the vulnerable driver software to gain system administrator privileges.

19. Microsoft's native hypervisor Hyper-V exposed to a high-risk vulnerability rated 9.9

On July 28, Microsoft's native hypervisor Hyper-V was revealed to have a security vulnerability rated 9.9 (out of 10) that may lead to DDoS and RCE attacks on the host. Hyper-V is used to create virtual machines on Windows systems and in the Azure cloud computing environment.

20. Microsoft warns about a vulnerability in its cloud computing database

On August 26, Microsoft warned thousands of its cloud computing customers that an attacker may be able to read, change or even delete their main databases. These customers include some of the world's largest companies. The vulnerability lies in the Cosmos database, the flagship product of Microsoft Azure.

21. German hospital hit by ransomware attack, patient dies

At the beginning of September, hackers exploited the Citrix ADC vulnerability CVE-2019-19781 to launch a ransomware attack on a hospital. The hospital was unable to carry out scheduled outpatient treatment and emergency care. As a result, treatment of a critically ill patient was delayed and the patient died.

22. Kernel-level vulnerability revealed in HP gaming computers, affecting millions of computers around the world

There is a serious vulnerability in the HP OMEN driver software that affects millions of gaming computers around the world. The vulnerability, CVE-2021-3437 (CVSS score: 7.8), may allow threat actors to elevate privileges to kernel mode without requiring administrator privileges, and so disable security products, overwrite system components, or even corrupt the operating system.

23. Remote code execution vulnerability in Hikvision cameras

The critical vulnerability tracked as CVE-2021-36260 affects more than 70 Hikvision device models and may allow an attacker to take them over. The flaw is an unauthenticated remote code execution (RCE) vulnerability in Hikvision IP camera/NVR firmware.

24. Vulnerability found in digital trading platform OpenSeaNFT, hackers can steal cryptocurrency

Security researchers found a vulnerability in the digital trading platform OpenSeaNFT. An attacker can entice a user to click on a malicious NFT artwork in order to gain access and empty the user's account of cryptocurrency.

25. Wi-Fi security black hole: 70% of home WiFi networks can be cracked quickly

In October, CyberArk security researcher Ido Hoorvitch successfully cracked 70% of a sample of 5000 WiFi networks in Tel Aviv, Israel. The test shows that the security situation of home WiFi networks is extremely severe.

26. High-risk vulnerabilities exposed in several Intel processors

Intel has announced three high-risk processor vulnerabilities with a wide range of impact. They can allow attackers and malware to gain elevated privileges on the device.

27. MediaTek "eavesdropping vulnerability" revealed, affecting 37% of the world's smart devices

A vulnerability was exposed in the AI and audio processing components of MediaTek's chips. It can lead to users being "eavesdropped on at large scale" without knowing it. Around the world, 37% of smartphones and Internet of Things devices use MediaTek chips.

28. Cisco Talos finds a high-risk privilege escalation vulnerability, all Windows versions affected

Computer security organization Cisco Talos has discovered a new privilege escalation vulnerability. The vulnerability exists in the Windows installer, and all Windows versions, including Windows 11 and Windows Server 2022, are affected.

29. 150 HP printer models have two serious vulnerabilities

Security researchers have uncovered two security vulnerabilities affecting 150 HP multi-function printers (MFPs). Attackers can use these vulnerabilities to steal sensitive information and infiltrate the enterprise network to launch other attacks.

30. Hackers use the Log4Shell vulnerability to attack the Belgian Ministry of Defence

Researchers found that attackers exploited the Log4Shell vulnerability to launch a powerful network attack that paralysed some activities of the Belgian Ministry of Defence. For example, the mail system was shut down for several days.

2021 has passed. Going forward, all enterprises and organizations need to learn its lessons. To avoid network attacks that threaten enterprise data and information systems, attention should be paid to network security awareness and the training of network security personnel. Yushu education will, in accordance with the relevant provisions of the Internet Information Department and the Internet security law, help various industries by providing network security awareness and skills training.

Source: FreeBuf

Copyright notice
This article was created by [Rain bamboo shoot Education]. Please include the original link when reposting. Thank you.
https://yzsam.com/2022/01/202201251808181676.html