|
- Known Exploited Vulnerabilities Catalog - CISA
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild Organizations should use the KEV catalog as an input to their vulnerability management prioritization framework How to use the KEV
- 2023 Top Routinely Exploited Vulnerabilities - CISA
Technical Details Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of
- Critical Vulnerabilities in Microsoft Windows Operating Systems
An attacker could remotely exploit these vulnerabilities to decrypt, modify, or inject data on user connections: CryptoAPI spoofing vulnerability – CVE-2020-0601: This vulnerability affects all machines running 32- or 64-bit Windows 10 operating systems, including Windows Server versions 2016 and 2019
- Reducing the Significant Risk of Known Exploited Vulnerabilities
Learn about the importance of CISA's Known Exploited Vulnerability (KEV) catalog and how to use it to help build a collective resilience across the cybersecurity community
- 2023 Top Routinely Exploited Vulnerabilities - CISA
Top Routinely Exploited Vulnerabilities Listed in Table 1 are the top 15 vulnerabilities the authoring agencies observed malicious cyber actors routinely exploiting in 2023 with details also discussed below
- 2021 Top Routinely Exploited Vulnerabilities - CISA
These vulnerabilities include multiple vulnerabilities affecting internet-facing systems, including Accellion File Transfer Appliance (FTA), Windows Print Spooler, and Pulse Secure Pulse Connect Secure Three of these vulnerabilities were also routinely exploited in 2020: CVE-2019-19781, CVE-2019-18935, and CVE-2017-11882
- Microsoft Operating Systems BlueKeep Vulnerability | CISA
The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this Activity Alert to provide information on a vulnerability, known as “BlueKeep,” that exists in the following Microsoft Windows Operating Systems (OSs), including both 32- and 64-bit versions, as well as all Service Pack versions: Windows 2000 Windows Vista Windows XP Windows 7 Windows Server 2003 Windows Server 2003
- Top Routinely Exploited Vulnerabilities - CISA
This advisory provides details on the top 30 vulnerabilities—primarily Common Vulnerabilities and Exposures (CVEs)—routinely exploited by malicious cyber actors in 2020 and those being widely exploited thus far in 2021
|
|
|