The NSA published an advisory identifying the top 5 vulnerabilities actively exploited by Russian government hackers and urging companies to mitigate as quickly as possible.
<p>The NSA advisory on these top 5 vulnerabilities is an urgent reminder that organizations should patch these vulnerabilities as soon as possible. In fact, the easiest way to secure an organization is to keep software up to date and patched. Unfortunately, patching often takes organizations a significant amount of time due to testing and compliance requirements, so the sooner they can start the process the better off they will be. For those applications that can be protected during runtime with newer technologies like virtual patching, organizations should implement solutions to keep these vulnerabilities from being exploited. Virtual patching is a feature of runtime application security solutions like RASP (Runtime Application Self-Protection) which has gotten new focus due to its inclusion in the NIST Security and Privacy Framework, updated by NIST in September of 2020, in SP 800-53 Revision 5.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics