HomeCyber SecurityTenable: NSA publishes list of top vulns targeted by foreign threat actors

Tenable: NSA publishes list of top vulns targeted by foreign threat actors

The National Security Agency (NSA) published a list today of the top 25 vulnerabilities that are consistently being targeted by foreign threat actors. The plethora of publicly accessible systems running unpatched software means that threat actors do not need to finance the development or burn a zero-day.

Please find below a comment from Satnam NarangStaff Research Engineer at Tenable.

If you’re experiencing déjà vu from the National Security Agency (NSA) advisory listing the top 25 vulnerabilities being leveraged by foreign threat actors, your feeling is warranted. Many of the vulnerabilities in the advisory align with similar alerts that have been published by the Cybersecurity and Infrastructure Security Agency (CISA) over the last year.

It’s unmistakably clear that unpatched vulnerabilities remain a valuable tool for cybercriminals and state-sponsored threat actors. With many of the vulnerabilities listed in the advisory residing in remote access tools or external web services, it is extremely critical for organizations to prioritize patching these vulnerabilities.

As CISA noted in their Top 10 Routinely Exploited Vulnerabilities alert from earlier this year, threat actors do not need to finance the development of or acquire zero-day vulnerabilities so long as there are a plethora of publicly accessible systems running unpatched software. This is further compounded by the availability of proof of concept code and exploit scripts that threat actors can easily co-opt as part of their own attacks, as we have seen in the case of the Copy Paste Compromises attacks reported by the Australian Cyber Security Centre.”

Technology For You
Technology For Youhttps://www.technologyforyou.org
Technology For You - One of the Leading Online TECHNOLOGY NEWS Media providing the Latest & Real-time news on Technology, Cyber Security, Smartphones/Gadgets, Apps, Startups, Careers, Tech Skills, Web Updates, Tech Industry News, Product Reviews and TechKnowledge...etc. Technology For You has always brought technology to the doorstep of the Industry through its exclusive content, updates, and expertise from industry leaders through its Online Tech News Website. Technology For You Provides Advertisers with a strong Digital Platform to reach lakhs of people in India as well as abroad.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

spot_img

CYBER SECURITY NEWS

TECH NEWS

TOP NEWS