2023 Top Routinely Exploited Vulnerabilities.
The “Five Eyes” - the cybersecurity agencies of the USA, the UK, Canada, Australia and New Zealand - released this joint Cybersecurity Advisory.
A zero-day is a vulnerability in software or hardware that is typically unknown to the vendor and for which no patch or other fix is available. Zero-days have been responsible for some of the very largest supply chain breaches affecting thousands of organisations.
Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced.
The Five-Eyes recommend keeping patching up-to-date, implementing a centralised patch management system and asking your software vendors about their Secure-By-Design program including secure default settings.
We recommend Deep Instinct as the last line of defence against zero-days. It detects even previously unknown zero-day attacks using behavioural analysis, stopping them within 20ms before they can damage files or spread.