This week, the US’ National Security Agency (NSA) published a list of 25 vulnerabilities that Chinese state actors are scanning for and exploiting. The advisory breaks the list down into different sections, reflecting which stage of an attack a vulnerability is exploited in. For example, there is a section for CVEs targeted to gain initial remote access, such as CVE – 2019 – 11510 in Pulse Secure VPNs and CVE – 2019 – 19781 in Citrix ADC devices. There are also sections for vulnerabilities exploited during for the lateral movement and privilege escalation stages, as well as those which allow the perpetrator to monitor and modify network traffic.
While the advisory specifically highlights the threat to organisations underpinning the US’ National Security Systems (NSS) and Defence Indus trial Base (DIB), it is a useful reminder to network defenders across all sectors as to which vulnerabilities should be prioritised for patching, if they have not been patched already, due to their popularity among adversaries.
Download our whitepaper to see:
- The limitations of a compliance based approach
- How the number of vulnerabilities has changed over time
- Why a cyber risk scoring system helps
- The limitations of a compliance based approach
- How the number of vulnerabilities has changed over time
- Why a cyber risk scoring system helps