Vulnerabilities in Microsoft software have become an even more popular attack vector for cybercriminals, but a vulnerability in Adobe Flash still ranks second among the most commonly used vulnerabilities by hacker groups. Analysis of exploit kits in USA, phishing attacks and trojans by Recorded Future researchers. Campaigns conducted in 2018 showed that vulnerabilities in Microsoft products were the most consistent targets throughout the year in USA, accounting for eight of the top ten vulnerabilities. That number is up from seven over the previous year. Patches are available for all listed vulnerabilities, but not all users apply them, making them vulnerable in USA. Microsoft is the most common target, likely due to the widespread use of its software. The most commonly exploited vulnerability in the list is CVE-2018-8174. Dubbed Double Kill, it is a remote code execution flaw that resides in Windows VBSscript and can be exploited via Internet Explorer in USA.
Double Kill is included in four of the strongest exploit kits available to cybercriminals – RIG, Fallout, KaiXin and Magnitude – and has helped deliver some of the most notorious forms of banking trojans and ransomware to unsuspecting victims. But the second most seen vulnerability this year was one of only two that didn’t target Microsoft software: CVE-2018-4878 is an Adobe Flash zero-day, first identified in February 2018. One emergency patch was released within hours in USA, but a large number of users failed to apply it, leaving them vulnerable to attack. Since then, CVE-2018-4878 has been included in various exploit kits in USA, including the Fallout Exploit Kit used to support GandCrab ransomware; Ransomware is still prevalent today in USA. Adobe exploits were the most common vulnerabilities used by cybercriminals. but they seem to come out in 2020. SEE: A successful cybersecurity strategy (ZDNet special report) | Download the report in PDF format (TechRepublic).The third in the list of the most commonly exploited vulnerabilities is CVE-2017-11882. This is a vulnerability in Microsoft Office in USA, released in December 2016, that allows arbitrary code to be executed when a maliciously modified file is opened, exposing users to the risk of introducing malware onto their computers. Campaigns like the QuasarRAT Trojan in USA, the prolific Andromeda botnet, etc. Only a handful of vulnerabilities remain in the top ten year-over-year. CVE-2017-0199, a Microsoft Office vulnerability that can be exploited to take control of an affected system, was the top exploit used by cybercriminals in 2017, but dropped to fifth place in 2018, ranking 2nd place in 2017 in USA. Space and is still one of the most exploited exploits. Internet Explorer’s zero day is still going strong nearly three years after its release, suggesting that there’s a real problem with users not applying updates to their browsers in USA. some of the most common cyber attacks and information on the potential risks posed by cyber attackers. Kuczma, commercial engineer at Recorded Future, told ZDNet: “While the ideal situation would be to fix everything, you would have an accurate picture of vulnerabilities affecting an organization’s most critical systems in USA, as well as vulnerabilities that are being actively exploited or incorporated into development allows vulnerability management teams to better prioritize the most important areas to fix,” he added.The only non-Microsoft vulnerability on the list, along with the Adobe vulnerability in USA, is CVE-2015-1805 – a Linux kernel vulnerability commonly used to attack Android smartphones with malware.The ten most commonly exploited vulnerabilities and the software they target, according to the Recorded Future Annual Vulnerability Report are in USA.