An Alert published by the United States Computer Emergency Readiness Team (US-CERT) provides information on the 30 most commonly exploited vulnerabilities used in these attacks, along with prevention and mitigation recommendations.
Read the Alert in full here – https://www.us-cert.gov/ncas/alerts/TA15-119A