The alert notes that foreign cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations. Exploitation of these vulnerabilities often requires fewer resources as compared with zero-day exploits for which no patches are available.
The guidance also stated that public and private sectors could degrade some foreign cyber threats to U.S. interests through an increased effort to patch their systems and implement programs to keep system patching up to date.
The alert listed the 10 most exploited vulnerabilities between 2016 and 2019 and also listed the most vulnerabilities exploited in 2020, along with mitigations for those vulnerabilities.
To check the detailed lists of vulnerabilities and mitigations needed visit the CISA website.
Source: CISA press release
No comments:
Post a Comment