A list of the top 10 routinely exploited vulnerabilities has been provided in a new joint alert distributed via the U.S. CERT website. This alert was issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the broader US Government to provide technical guidance for security professionals in both the public and private sectors. This document aims to draw awareness to the most common vulnerabilities being exploited by threat actors. Foreign cyber actors frequently exploit dated and publicly known software vulnerabilities, as they often require fewer attacker resources. Therefore, the public and private sectors could mitigate some foreign cyber threats to US interests through an increased effort to patch their systems in accordance with the vulnerabilities listed in the alert.
13 May 2020