Researchers put together a list of vulnerabilities abused by Ransomware – Look for these immediately

LINK To make it easy, I pulled it and created a simple txt list you can use. These are the some of the initial access methods. Pulse Secure VPNCVE-2021-22893CVE-2020-8260CVE-2020-8243CVE-2019-11539CVE-2019-11510 CitrixCVE-2020-8196CVE-2020-8195CVE-2019-19781CVE-2019-11634 Microsoft ExchangeCVE-2021-34523CVE-2021-34473CVE-2021-31207CVE-2021-26855 FortinetCVE-2020-12812CVE-2019-5591CVE-2018-13379 SonicWallCVE-2021-20016CVE-2020-5135CVE-2019-7481 F5CVE-2021-22986CVE-2020-5902 Palo AltoCVE-2020-2021CVE-2019-1579 QNAPCVE-2021-28799CVE-2020-36198 SophosCVE-2020-12271 SharePointCVE-2019-0604 Microsoft WindowsCVE-2019-0708CVE-2020-1472CVE-2021-31166CVE-2021-36942 Microsoft OfficeCVE-2017-0199CVE-2017-11882CVE-2021-40444 vCenterCVE-2021-21985 AccellionCVE-2021-27101CVE-2021-27104CVE-2021-27102CVE-2021-27103 FileZenCVE-2021-20655 AtlassianCVE-2021-26084 Zoho CorpCVE-2021-40539 Microsoft AzureCVE-2021-38647

Using the Risk Management Process to Effect Change

Over the many years I have been in IT and Security, one item repeatedly comes up. How can a Security Organization effect change when the operations and “regular people” are unwilling to make changes? It is a maddening problem. You know these issues need to be resolved, but the “regular people”, the owners, the customers […]