Recently, the joint Cybersecurity Advisory agencies from the United Kingdom, Australia, Canada, New Zealand published the '2022 Top Routinely Exploited Vulnerabilities' report which looked at the top Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022, and the associated Common Weakness Enumeration(s) (CWE).
Key findings:
It was discovered that malicious cyber actors targeted older software vulnerabilities more frequently than any recently disclosed vulnerabilities. Malicious cyber actors usually have the greatest success when exploiting known vulnerabilities within the first two years of disclosure, due to the value of the vulnerabilities decreasing greatly as software is patched.
Top vulnerabilities which malicious cyber actors routinely exploited include:
- Fortinet SSL VPNs
- Multiple vulnerabilities for Microsoft Exchange email servers and Windows Diagnostic tools
- Zoho Manage Engine AdSelfService Plus
- Atlassian Confluence Server and Data Centre
- Apache servers
- VMWare Workspace ONE Access and Identity Manager
- F5 Networks BIG-IP
Read the full report here: 2022 Top Routinely Exploited Vulnerabilities | CISA
Ensure you're protected 24 x 7 and unlock improved cyber security for your organisation with the power of Centrality - the ultimate solution. Discover advanced features that enable you to secure your data and critical assets with cutting-edge technology. Don't wait, seize the opportunity to take control of your security needs today.
Visit our Microsoft Cyber Security page for more information.