10 Most WANTED Vulnerabilities
Routinely exploited by state, nonstate, and unattributed cyber actors

The Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS CISA) and the Federal Bureau of Investigation (FBI) urge public and private sector organizations alike to apply necessary updates in order to prevent the most common forms of attacks encountered today.

Sources:
https://www.zdnet.com/article/dhs-cisa-and-fbi-share-list-of-top-10-most-exploited-vulnerabilities/
https://www.us-cert.gov/ncas/alerts/aa20-133a

CVE-2019-0604
Light Foot China Chopper

With a small 4KB footprint and extensive field experience going back to 2012, this still-powerful threat preys on unpatched SharePoint servers and their data.

Vulnerable Products: Microsoft SharePoint
Malware Name: China Chopper
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2019-0604
https://en.wikipedia.org/wiki/China_Chopper

CVE-2018-7600
Kitty MeOw

Using CWE: Improper Input Validation, this threat is on the prowl from cryptomining to embedding .

Vulnerable Products: Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.
Malware Name: Kitty
Click to read RiskSense Web and Application Framework Vulnerabilities report for more research about these types of weaknesses.
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2018-7600
https://www.zdnet.com/article/hello-kitty-malware-targets-drupal-to-mine-for-cryptocurrency

CVE-2018-4878
The RAT called DOGCALL

Has ties to multiple families and threat actors attributed to North Korea and specializes in planting malicious code.

Vulnerable Products: Adobe Flash Player before 28.0.0.161
Malware Name: DOGCALL
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2018-4878
https://unit42.paloaltonetworks.com/unit42-nokki-almost-ties-the-knot-with-dogcall-reaper-group-uses-new-malware-to-deploy-rat/

CVE-2017-8759
Fin and Feather Super Spy

The threat covertly installs by exploiting security lapses and originally worked as a government-sponsored and reconnaissance tool.

Vulnerable Products: Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7
Associated Malware: FINSPY, FinFisher, WingBird
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2017-8759
https://attack.mitre.org/software/S0182/

CVE-2017-5638
JexBoss the Bad

What started out as a threat-hunting tool for good turned into a rogue exploit and is closely associated with SamSam ransomware.

Vulnerable Products: Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1
Associated Malware: JexBoss
Click to read RiskSense Apache Struts Report to learn more about this vulnerability.
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2017-5638
https://www.infosecurity-magazine.com/news/threat-actors-exploiting-red-team/

CVE-2017-11882
The Chaos Crew

This gang is all about running arbitrary code and enjoys a good game of hide-and-seek.

Vulnerable Products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016 Products
Associated Malware: Loki, FormBook, Pony/FAREIT
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2017-11882
https://threatpost.com/new-formbook-dropper-harbors-persistence/145614/
https://www.acunetix.com/blog/articles/pony-malware-credential-theft/

CVE-2017-0143
WannaCry and the EternalBlue Fan Club

Working from the safety of the shadows, allows remote attackers to execute arbitrary code.

Vulnerable Products: Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016
Associated Malware: Many using EternalSynergy and EternalBlue Exploit Kit
Click to read RiskSense EternalBlue research which provides a deep technical overview of this exploit.
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2017-0143
https://en.wikipedia.org/wiki/EternalBlue

CVE-2017-0199
Team Boi Power Bot

Team known for hiding daggers in Microsoft Office .RTF document cloaks, their PowerShell commands wreak havoc once deployed.

Vulnerable Products: Microsoft Office 2007 SP3/2010 SP2/2013 SP1/2016, Vista SP2, Server 2008 SP2, Windows 7 SP1, Windows 8.1
Associated Malware: FINSPY, LATENTBOT, Dridex
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2017-0199

CVE-2012-0158
Notorious Big Dollar

One of the most prevalent financial Trojans with a continuous legacy of attacks prevented only by up-to-date patching.

Vulnerable Products: Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0
Associated Malware: Dridex
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2012-0158
https://www.us-cert.gov/ncas/alerts/aa19-339a

CVE-2015-1641
The Elder

From stories of old, this talented multi-OS RAT works through .RTF files, capable of Remote Code Execution (RCE).

Vulnerable Products: Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1
Associated Malware: Toshliph, UWarrior
Sources:
https://nvd.nist.gov/vuln/detail/CVE-2015-1641

RiskSense – the industry’s only full spectrum risk-based vulnerability management and prioritization platform. Find more information about our research at: www.risksense.com/resources