Arecent investigation has discovered that two important VPN applications, PrivateVPN and BetterNet, contain serious vulnerabilities that could allow cyberattackers to intercept communications between users and download fake malicious updates.

One factor that goes some way to explaining these vulnerabilities is the fact that VPN use has shot up due to the increase in remote work during the Covid-19 pandemic. But this in turn also generates more cybersecurity threats, increasing the attack surface, opening new backdoors and attack vectors for cybercriminals. These bad actors have no qualms about exploiting these new opportunities, as we’ve seen with Cisco, Zoho and Citrix’s B2B tools.

In this sense, it is worth wondering whether organizations are sufficiently prepared to deal with possible vulnerabilities. It seems that most are not, given the fact that 90% of cyberattacks could have been prevented by applying a patch or update.

Because of this, applying patching is the most effective individual risk mitigation strategy for organizations.  However, to be able to follow this strategy, it is essential to know which vulnerabilities are most critical to be able to properly prioritize patches and updates. In response, Cytomic has created a portal specifically to help deal with this challenge.

List of vulnerabilities_

In “Top Vulnerabilities 2020”, we provide a list of the most important vulnerabilities discovered in 2020 affecting different version of the Windows operating systems. The list uses six columns containing different fields of information for each vulnerability:

  • CVE: Common Vulnerabilities and Exposures. This is a classification system developed by the non-profit organization MITRE, which is the vulnerability identification standard for the cybersecurity community. It contains an identifying number for each vulnerability.
  • Vendor: The name of the company that owns the software affected by the vulnerability.
  • Title: Descriptive title indicating the specific software and the elements where the vulnerability exists.
  • Included: The date the vulnerability was published.
  • CVS V2/V3 Base Score: Common Vulnerability Scoring System. This is an impact evaluation metric, developed by the organization FIRST. It takes different parameters into account, such as how easily it can be exploited and its potential for damage. All the vulnerabilities on Cytomic’s list have a score of at least 7.
  • Description: A brief description of the vulnerability and an explanation of how cyberattacks could exploit it.

Solutions to fight cybercriminals_

This list, as well as MITRE’s own vulnerability directory, are useful tools for IT teams, since they allow them to rapidly identify vulnerabilities following different criteria, providing them with the capacity to prioritize patches. In addition to this, it is also useful for organizations to have specific solutions to streamline the process of constantly controlling and updating their operating system and applications.

Cytomic Patch was created to respond to this need to detect and resolve vulnerabilities. It provides centralized real-time visibility of the security status of any vulnerabilities in the software being used, missing patches, updates, incompatible software (EoL), and tools to patch all the company’s devices in real time.  Cybersecurity or IT teams can check update statuses and schedule or immediately apply any necessary updates using the console provided by Cytomic Patch.

Furthermore, this module does not depend on vulnerability scanning systems, a process that can take a long time. Instead, it leverages data gathered by Cytomic to provide accurate real-time visibility of how exposed the company is to risks caused by outdated applications, operating systems, or EoL and vulnerable applications. Finally, Cytomic clients can complement this solution with Cytomic Ionic and Cytomic Covalent, which include features such as the ability to isolate outdated computers in order to mitigate risks.

For its part, Cytomic EPDR is Cytomic’s advanced cybersecurity solution, which includes the Zero-Trust Application Service. The automatically implements a disruptive security model based on monitoring, registering and classifying every process on all assets on the corporate network, stopping any that have not been classified as trusted from running. Cytomic EPDR and the Zero-Trust Application service have recently been certified by OPSWAT, and like Cytomic Patch, are an effective solution against vulnerabilities.

All of this means that IT and cybersecurity teams have a much wider range of facilities to reduce their organizations’ attack surfaces, mitigate vulnerabilities, and ensure that no threats can reach the endpoint.