Most of the vulnerabilities routinely exploited last year were disclosed in 2021 or earlier, says Dennis Fisher, according to a recent joint advisory issued by cybersecurity agencies from the United States, Australia, Canada, New Zealand, and the United Kingdom.
“Many of the vulnerabilities in the list will come as no surprise to defenders: the Log4Shell flaw from 2021, the ProxyShell bugs in Exchange from 2021, and a Fortinet SSL VPN bug from 2018,” Fisher says. “Developing exploits for critical, widespread, and publicly known vulnerabilities gives actors low-cost, high-impact tools they can use for several years,” the report states.
The advisory lists the top 12 most commonly exploited flaws along with 30 other routinely exploited vulnerabilities and outlines mitigation steps to help organizations “ensure their products are secure by design and default.”
Read more at Decipher.
See also:
Certifications to Boost Your Open Source Career — FOSSlife
Getting Started in Cybersecurity — FOSSlife
Free Cybersecurity Resources for Protecting Your Organization — FOSSlife
Looking for a job?
Sign up for job alerts and check out the latest listings at Open Source JobHub.
Contact FOSSlife to learn about partnership and sponsorship opportunities.
Comments