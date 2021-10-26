HP released its latest global HP Wolf Security Threat Insights Report, where the company’s researchers conduct analysis of the top cybersecurity attacks in the world. In this issue, the key finding is that criminals are exploiting vulnerabilities before the responsible companies can fix them.

According to the HP report, criminals are using more zero-day vulnerabilities, critical holes that were not detected in the software and systems development process, as the main way to attack, taking advantage of the fact that fixes for these flaws, in many cases, may take time to be made available by the responsible companies.

The CVE failure-40444-97 , from Microsoft Office, is one of those cited in the HP report. (Image: Reproduction/Microsoft)

The team responsible for the report cites as an example the CVE failure-2021-2021, from Microsoft Office, which uses a malicious file that deploys the malware through an Office document. Users do not have to open the file or allow any action, just previewing in File Explorer to compromise the device, and allowing attackers to install backdoors for free access to the systems, which are then sold to virtual hijacking groups (ransomware).

