Coming in at number 5, it's a blast from the past! Tenable's 2020 security flaw chart show features hits of yesteryear

Out of the top five vulnerabilities for 2020 three dated back to 2019 or earlier, according to infosec firm Tenable's annual threat report. While Zerologon was the company's number one insecurity for 2020, the hoary old Pulse Secure VPN vuln (CVE-2019-11510) was number three, while flaws in Citrix and Fortinet connectivity …

  1. Richard Pennington 1

    Not just Tenable

    There have been a few vintage bugs showing up in alerts recently. I have noticed several Apple bugs from 2017 in Recorded Future's "Cyber Daily" digests recently. Usually referring to Mac OSX 10.12 (Sierra), which is four versions out of date and two versions out of support.

    1. EnviableOne Silver badge

      Re: Not just Tenable

      Checkm8 - people can't afford the new shiny

  2. gerdesj Silver badge

    Don't forget this one (int al)

    ROCA: https://en.wikipedia.org/wiki/ROCA_vulnerability - "estimate that it affects around one-quarter of all current TPM devices globally. Millions of smart cards are believed to be affected."

    Why not have a look at your standard VPN parameters and your TLS website settings? For websites try this for guidance - https://github.com/drwetter/testssl.sh. For IPSEC look into something more modern than the 3DES/MD5 G2 that you are probably using. AES128GCM 128 bit/AES-XCBC with DH group 31 is kind on the CPU these days and quite tricky to break.
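An added example (not part of the comment above or of the article): a small Python check that reads strongSwan-style `ike=`/`esp=` lines and flags the 3DES, MD5 and DH group 2 choices the last comment warns about. The `ipsec.conf` keyword spellings, the connection names and the sample configuration are assumptions constructed for illustration.

```python
import re

# Weak proposal keywords (strongSwan ipsec.conf naming, assumed) and why
# they are flagged. Limited to the algorithms named in the thread.
WEAK = {
    "3des": "3DES: 64-bit block cipher, deprecated for IPsec",
    "md5": "MD5-based integrity: deprecated",
    "prfmd5": "MD5-based PRF: deprecated",
    "modp1024": "DH group 2: 1024-bit MODP group",
}

# Constructed sample: one legacy tunnel, one using the suite suggested
# in the comment (AES-128-GCM, AES-XCBC PRF, DH group 31 = curve25519).
SAMPLE = """
conn legacy
    ike=3des-md5-modp1024!
    esp=3des-md5!
conn modern
    ike=aes128gcm128-prfaesxcbc-curve25519!
    esp=aes128gcm128-curve25519!
"""

def audit(conf_text):
    """Return (conn, setting, keyword, reason) for every weak choice."""
    findings, conn = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if line.startswith("conn "):
            conn = line.split(None, 1)[1]
            continue
        m = re.match(r"(ike|esp)\s*=\s*(.+)$", line)
        if not m:
            continue
        setting, value = m.groups()
        # A trailing "!" restricts negotiation to the listed proposals;
        # without it the daemon's default proposals are offered as well.
        if not value.endswith("!"):
            findings.append((conn, setting, "no-strict",
                             "default proposals also accepted"))
        for proposal in value.rstrip("!").split(","):
            for keyword in proposal.strip().lower().split("-"):
                if keyword in WEAK:
                    findings.append((conn, setting, keyword, WEAK[keyword]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("%s %s: %s (%s)" % finding)
```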
