Cybersecurity News

CISA urges orgs to patch actively exploited Windows SeriousSAM bug

The U.S. Cybersecurity & Infrastructure Security Agency has added to the catalog of vulnerabilities another 15 security issues actively used in cyberattacks.

CISA’s warning about these vulnerabilities serves as a wake-up call to all system administrators that they need to prioritize installing security updates to protect the organization’s network.

The most recent one, CVE-2021-36934, is a Microsoft Windows SAM vulnerability that allows anyone to access the Registry database files on Windows 10 and 11, extract password hashes and gain administrator privileges.

Of the older flaws, CVE-2015-2051 is a remote code execution bug affecting D-Link DIR-645 routers that continues to deliver to attackers.

CISA’s list of exploited vulnerabilities is a constant reminder for organizations to deal with outdated and no longer supported hardware that is present in sensitive parts of the network since adversaries do not care how old a vulnerability is as long as it gets them in.

With the addition of the 15 flaws above, CISA’s Known Exploited Vulnerabilities Catalog now lists 367 security vulnerabilities.

Stay on Top of Cyber Threats!
Subscribe to our monthly bulletin to stay updated on major cybersecurity risks.

Recent Cybersecurity News

Tell us about your needs.
Get an answer the same business day.

Tell us about your needs.
Get an answer the same business day.

Got an urgent request? Call us at 1-877-805-7475 or Book a meeting.

What happens next:

  • We reach out to learn about your objectives
  • We work together to define your project's scope
  • You get an all-inclusive, no engagement proposal

No engagement. We answer within 24h.
Scroll to Top

BOOK A MEETING WITH AN EXPERT

Enter Your Corporate Email