HealthcareCISO

It doesn't matter how sophisticated a threat group is. They like low-hanging fruit as much as other dark web dwellers.

The most commonly exploited vulnerabilities are ones hidden in plain, everyday IT tools. The list of CVEs for 2020 and 2021, are dated and largely linked to remote work, according to a joint alert issued by the Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the U.K.'s National Cyber Security Center (NCSC), and the Federal Bureau of Investigation (FBI) last week.

Uncovering initial access to...