Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Raphaël Illouz, CEO Purplemet comment vulnerabilties during 2020

January 2021 by Raphaël Illouz, CEO Purplemet

Last year was...quite special, right? You know what they say, though, while the cat’s away, the mice play and 2020 was no exception. While we got distracted by pandemics, panic, and coronavirus, the hackers were free to do what they do best - make problems for us!

The biggest threats in 2020 were:
 Draytek Vigor Command Injection (CVE-2020-8515)
 Citrix Multiple Products Directory Traversal (CVE–2019–19781)
 Pulse Connect Secure File Disclosure (CVE-2019-11510)
 F5 BIG-IP Remote Code Execution (CVE–2020–5902)

You’ll find a good article on them here. It links to the NSA’s report on the top 25 vulnerabilities currently being leveraged and exploited by Chinese hacking groups. It’s worth looking at that report too, it has some general recommendations that everyone should implement.

Remember - even though we’re hopefully leaving the worst of 2020 in the past, these vulnerabilities are coming with us into 2021 - in fact, they’re already here!

So what can you do? Keep the defensive walls strong (updated) and hackers will find it much harder to find your web app’s vulnerabilities.


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts