Recent Key Vulnerabilities

We’ve rounded up the most recent vulnerabilities from Q4 2021 and 2022 to keep you updated on frequently used attack vectors, their impacts, and how you can learn more in order to keep your company safe going forward.

October:

Apache HTTP Web Server Vulnerability

Apache Software Foundation released an updated version of their web server to fix two vulnerabilities present on Apache version 2.4.49. Attackers leveraged the zero-day vulnerability, CVE-2021-41773, to view files outside of the website root directory and execute arbitrary code on the servers.

November:

SaaS Companies at Increased Risk of Social Engineering Attacks (After Robinhood)

Robinhood notified customers of a security breach that resulted in the theft of data on millions of their customers. Threat intelligence indicated that threat actors are targeting other SaaS companies using similar techniques.

November:

Palo Alto Networks GlobalProtect VPN Vulnerability

Palo Alto Networks (PAN) issued a security advisory regarding a critical vulnerability, CVE-2021-3064, that affects their firewalls using the GlobalProtect Portal VPN.

November:

GoDaddy Breach

Web hosting company GoDaddy Inc disclosed that email addresses of up to 1.2 million active and inactive Managed WordPress customers had been exposed in an unauthorized third-party access of its Managed WordPress hosting environment.

December:

SonicWall Secure Mobile Access (SMA) Vulnerability

SonicWall issued an advisory addressing high and critical vulnerabilities in their SonicWall Secure Mobile Access (SMA) 100 series appliances.

December:

Log4j Zero Day Vulnerability

A security researcher disclosed a critical vulnerability in the popular Java-based logging package Log4j, which allows unauthenticated users to execute malicious commands on systems.

January:

VMware Horizon Vulnerability

VMware Security Solutions issued an advisory in response to attackers actively targeting VMware Horizon servers that are vulnerable to Apache Log4j CVE-2021-44228 (Log4Shell).

February:

Samba Vulnerability

Samba security released a patch for a critical vulnerability, CVE-2021-44142. This vulnerability is found in all versions of Samba prior to 4.13.17 using the VFS (Virtual File System) module "vfs_fruit", which provides additional support for Mac OS X devices.

February:

WatchGuard VPN

The FBI and the UK National Cyber Security Centre (NCSC) informed WatchGuard, a network security vendor, of a sophisticated state-sponsored malware impacting WatchGuard firewall appliances.

February:

Malicious Cyber Incidents in Ukraine

Russia's invasion of Ukraine included a hybrid warfare model that involved a variety of cyber attacks against public and private sector organizations in Ukraine. This has increased concerns over potential collateral damage from future cyber attacks.

Looking Forward

Thank you for reading the Q1 2022 Corvus Risk Insights Index! We hope you enjoyed our cyber experts’ findings and insightful analysis — and always keep in mind that security is a never-ending journey. To that end, it’s crucial to keep abreast of new and emerging threats, work with qualified cyber talent (including an incident response team and CISO), and allocate dedicated budget to security implementation in order to minimize ad hoc investments and potential subsequent weakened resiliency. We look forward to sharing more with you in the next edition. Please send feedback and comments to insights@corvusinsurance.com.

Report Contributors

Lauren Winchester, VP, Risk + Response

Jason Rebholz, Chief Information Security Officer

Chris Hedenberg, VP, Data Science

Lori Bailey, Chief Insurance Officer

Legal Disclaimer: This report is intended for general guidance and information purposes only. This report is under no circumstances intended to be used or considered as specific insurance or information security advice. Please consult your broker with respect to the information presented herein.

About Corvus

Corvus Insurance is building a safer world through insurance products and digital tools that reduce risk, increase transparency, and improve resilience for policyholders and program partners. Our market-leading specialty insurance products are enabled by advanced data science and include Smart Cyber Insurance®, Smart Tech E+O™, Smart Cargo®, and a suite of products for Financial Institutions. Our digital platforms and tools enable efficient quoting and binding and proactive risk mitigation. Corvus Insurance offers insurance products in the US, Middle East, Europe, Canada, and Australia. Current insurance program partners include AXIS Capital, Crum & Forster, Hudson Insurance Group, certain underwriters at Lloyd’s of London, R&Q’s Accredited, SiriusPoint, and Skyward Specialty Insurance. Corvus Insurance and Corvus London Markets are the marketing names used to refer to Corvus Insurance Agency, LLC and Corvus Agency Limited. Both entities are subsidiaries of Corvus Insurance Holdings, Inc. Corvus Insurance was founded in 2017 and is headquartered in Boston, Massachusetts with offices across the US and in London, UK. For more information, visit corvusinsurance.com.
