• Why don’t we patch?


    Susan Bradley

    By Susan Bradley

    The vast majority of 2020 and 2021 attacks were not from zero days, but rather were old vulnerabilities for which patches had been released months, or even years, ago.

    Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S. Federal Bureau of Investigation (FBI) released a document about the top attacks in 2020 and those so far in 2021. Interestingly, many of these vulnerabilities used in attacks are not Microsoft-based but are vulnerabilities in tools we use to access networks.

    Read the full story in the AskWoody Plus Newsletter 18.30.0 (2021-08-09).