Microsoft vulnerabilities most exploited in US financial sector

The U.S. financial sector was most targeted with attacks exploiting vulnerabilities in Microsoft products, reports The Record, a news site by cybersecurity firm Recorded Future. Threat actors attacking the sector have leveraged a Microsoft Windows remote code execution flaw, tracked as CVE-2015-1635, more than 900 times in November, while a Microsoft Exchange Server vulnerability, tracked as CVE-2021-31206, was used 700 times, making it the second most exploited bug in the sector, a LookingGlass report showed. "This goes to show that when hackers find a successful attack method, they continue to exploit it for years to come, particularly in highly advantageous industries like the financial sector," said LookingGlass CEO Bryan Ware, who was previously an assistant director at the Cybersecurity and Infrastructure Security Agency. Other commonly exploited flaws in the sector include the ProxyShell vulnerabilities, which include CVE-2021-34523, CVE-2021-31207, and CVE-2021-34473. "Across the U.S. financial sector, more than half of the vulnerabilities our platform detected reside in the insurance subsector, roughly a quarter fell under credit intermediaries, and about one in three of all vulnerabilities were carried over from third party services providers," said the report.