FBI publishes overview of the Top 30 most attacked vulnerabilities


Installing security updates in a timely manner is an important measure to protect systems, but thirty vulnerabilities deserve special attention and should be given the highest priority. This is according to a list of the Top 30 most attacked vulnerabilities compiled by the FBI, the Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security, the Australian Cyber Security Centre (ACSC) and the UK's National Cyber Security Centre (NCSC).


The overview contains a series of vulnerabilities that were frequently attacked last year and this year. This year's entries mainly concern vulnerabilities in Microsoft Exchange, Pulse Secure, Accellion, VMware and Fortinet that attackers can exploit. For most of these vulnerabilities, a security update was released this year, but in the case of Fortinet, the list also includes a vulnerability dating from 2018.


"One of the most effective ways to fix vulnerabilities is to update software as soon as patches are available and practical. If this is not possible, consider temporary workarounds or other mitigations as provided by the vendor," the government agencies say. When it is not possible for an organization to quickly update all software after the release of a patch, it is recommended to give the highest priority to vulnerabilities that are already being exploited or where most systems are at risk.


