Top Ten Routinely Exploited Vulnerabilities

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has published an alert of the top ten routinely exploited vulnerabilities observed by it and the FBI and the broader U.S. government. The vulnerabilities are categorized into groupings for the top ten exploited from 2016 to 2019 and in 2020. Unsurprisingly, much of the activity observed in 2020 has exploited vulnerabilities in virtual private networks and cloud collaboration services, which are increasingly in use given unprecedented levels of remote work during the COVID-19 pandemic. The alert also provides mitigations for each of the vulnerabilities and discusses free cybersecurity services offered by CISA that can help organizations reduce their exposure to threats. Read the advisory at CISA.