NSA shares top 25 vulnerabilities

The NSA has just published a report of the top 25 vulnerabilities that it alleges Chinese state actors are using to attach US assets. Since it also probably applies to attacks on the UK, I thought you might like to have a look and the full report is a PDF at https://media.defense.gov/2020/Oct/20/2002519884/-1/-1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF

The top few related to exploiting vulnerabilities in VPN’s, Remote Desktop and Citrix but I would encourage you to read the report for more details.

And of course, the moral of this is to make sure your systems are configured to receive and apply updates as soon as they are released.