CISA, Five Eyes cyber advisory lists common vulnerabilities among 2022’s top exploits 

Tags

Top Highlights

• A new CISA cybersecurity advisory spotlights 2022's top-exploited vulnerabilities

• detailed the top-exploited vulnerabilities in 2022 and implored all technology providers to fortify their digital security posture amid increased malware incidents.

• “Today, adversaries commonly exploit categories of vulnerabilities that can and must be addressed by technology providers as part of their commitment to Secure by Design,”

• Eric Goldstein, the executive assistant director for cybersecurity at CISA, underscored the need for companies to incorporate the federally-backed Secure by Design principles into their technology development.

• malicious actors will continue to find it far too easy to exploit organizations around the world

• prioritize mitigation of these vulnerabilities and for every technology provider to take accountability for the security outcomes of their customers by reducing the prevalence of these vulnerabilities by design.”

• According to the advisory, 2022 saw a greater number of older network vulnerabilities being exploited by malicious cyber actors than recently disclosed vulnerabilities.

• The advisory suggests that organizations take steps to ensure asset and identity access management for end-user organizations and routinely scan networks for possible patches in each company’s defense posture.

• When we work as a community we can strengthen our collective resilience

• Every organization with internet-facing networks that implements recommended mitigation measures will greatly reduce their risk of compromise by malicious cyber actors. We also know that vendors and developers also have a strong role to play by responsibly designing products that are secure by design and default.