Cyber threats are growing in number, but the measures to prevent attacks and breaches are not getting the same attention. To educate organizations about consistent cyber hygiene measures, government agencies take responsibility for keeping companies informed about imminent threats across entire countries. CISA has released a list of routinely exploited vulnerabilities throughout the year 2020.
CISA’s security advisory
On July 28th, 2021, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) released a joint security advisory.
In the advisory, the assembled guild of international government agencies disclosed a list of vulnerabilities that were exploited in huge volumes throughout 2020, continuing to be exploited till now. The advisory made it clear that four of the most targeted vulnerabilities in 2020 were in remote work, VPNs, or cloud-based technologies.
The advisory also highlighted the routinely exploited vulnerabilities and their CVEs.
Image source: Security advisory by CISA
Among the entire routinely exploited vulnerabilities list, the highly exploited vulnerabilities in 2021 were in Microsoft, Pulse, Accellion, VMware, and Fortinet products.
Refer to the source security advisory for the complete list of vulnerabilities.
How SanerNow helps secure your environment per the security advisory
Security advisories from government agencies are more of a siren to other organizations after malicious activities and impacts are officially filed by the affected ones. The smarter approach to security is being proactive in detecting and remediating the latest risks in your environment.
SanerNow VM makes this part easy with our unique capabilities.
1. Detection and assessment of all listed vulnerabilities
SanerNow detects and patches the entire list of vulnerabilities reported in the security advisory. In fact, they were supported right after the software vendors announced the patches. We didn’t wait for the vulnerabilities to gain excessive activity.
2. Smarter risk prioritization
The prioritization algorithm of SanerNow VM is smartly designed. It doesn’t just prioritize vulnerabilities based on their CVSS scores. It also considers the current real-world exploit activity and several other technical factors to arrive at an accurate prioritization list for your specific environment.
3. Remediation by automated patching
Preparing vulnerability reports and presenting them to the team makes no difference unless action is taken to remediate them. SanerNow automatically correlates the right patches with the detected vulnerabilities. With patch automation capabilities, you can remediate all the detected vulnerabilities in Windows, Mac, Linux, and 200+ third-party applications.
Fix before advisories with SanerNow VM
SanerNow VM is a cloud-based solution to detect, assess, prioritize, and remediate vulnerabilities in all endpoints and network devices. Within 24 hours of disclosure by the software vendors, SanerNow’s vulnerability database is updated to detect the risk-ridden devices in your environment. You can detect and fix the latest vulnerabilities before they pose critical risks in the form of exploits and attacks.
SanerNow is built on our homegrown, world’s largest vulnerability intelligence database with 130,000+ checks. With this database powering your IT risk detection, we guarantee quick detection of new vulnerabilities and the most comprehensive checks across all OSs and third-party applications. Schedule a demo with us. We’ll show what we mean.