CISA Alert AA22-117A – 2021 top routinely exploited vulnerabilities.
This joint Cybersecurity Advisory was coauthored by cybersecurity authorities of the US, Australia, Canada, New Zealand, and the UK. This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
AA22-117A Alert, Technical Details, and Mitigations
Top 15 CVEs Routinely Exploited in 2020
Risk Considerations for Managed Service Provider Customers
Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses
How to Manage Your Security When Engaging a Managed Service Provider
CISA Capacity Enhancement Guide – Implementing Strong Authentication
Implementing Multi-Factor Authentication
CISA’s Apache Log4j Vulnerability Guidance
All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov.