A number of cybersecurity agencies have co-authored a joint Cybersecurity Advisory (CSA) on the vulnerabilities most frequently exploited in 2022. The advisory provides details on the CVEs routinely exploited by cyber criminals. The co-authoring agencies were:
- United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI)
- Australia: Australian Signals Directorate’s Australian Cyber Security Centre (ACSC)
- Canada: Canadian Centre for Cyber Security (CCCS)
- New Zealand: New Zealand National Cyber Security Centre (NCSC-NZ) and Computer Emergency Response Team New Zealand (CERT NZ)
- United Kingdom: National Cyber Security Centre (NCSC-UK)
The advisory stated that cyber criminals tend to exploit older software vulnerabilities, typically those less than two years old, and that they target unpatched internet-facing systems. They favour vulnerabilities with publicly available proof-of-concept code, and likely prioritise developing exploits for severe and globally prevalent CVEs. The top five vulnerabilities affect Fortinet SSL VPNs, Microsoft Exchange email servers, Zoho ManageEngine ADSelfService Plus, Atlassian Confluence Server and Apache Log4j. The advisory strongly encourages vendors, designers, developers and end-user organisations to implement its recommendations to reduce the risk of compromise.
This segment was created for the It’s 5:05 podcast.