An Interest In:
Web News this Week
- March 28, 2024
- March 27, 2024
- March 26, 2024
- March 25, 2024
- March 24, 2024
- March 23, 2024
- March 22, 2024
August 1, 2021 03:34 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/WsceObQ_dGI/remote-work-without-vpn-patches-govt-security-agencies-reveal-most-exploited-vulnerabiliti
Remote Work Without VPN Patches? Govt Security Agencies Reveal Most Exploited Vulnerabilities
Slashdot reader storagedude quotes eSecurityPlanet : The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) joined counterparts in the UK and Australia Wednesday to announce the top 30 vulnerabilities exploited since the start of the pandemic. The list, a joint effort with the Australian Cyber Security Centre (ACSC) and the UK's National Cyber Security Centre (NCSC), details vulnerabilities — primarily Common Vulnerabilities and Exposures (CVEs) — "routinely exploited by malicious cyber actors in 2020 and those being widely exploited thus far in 2021." Many of the vulnerabilities are known ones for which patches exist, so they can typically be easily fixed. The agencies also recommended a centralized patch management system to prevent such oversights going forward. Most of the vulnerabilities targeted in 2020 were disclosed during the last two years. "Cyber actor exploitation of more recently disclosed software flaws in 2020 probably stems, in part, from the expansion of remote work options amid the COVID-19 pandemic," said a CISA statement. "The rapid shift and increased use of remote work options, such as virtual private networks (VPNs) and cloud-based environments, likely placed additional burden on cyber defenders struggling to maintain and keep pace with routine software patching." The vulnerabilities include a number of well publicized ones from major vendors like Citrix, Microsoft, Fortinet, VMware and others, so a good portion of the blame can be placed on those who just aren't being vigilant with patching.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/WsceObQ_dGI/remote-work-without-vpn-patches-govt-security-agencies-reveal-most-exploited-vulnerabiliti
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot