Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity misconfigurations in large organizations, and details the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations.
The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and highlights the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders. Read the Executive Assistant Director at CISA’s blog post on the “Urgency for Software Manufacturers to Incorporate Secure by Design Principles.”
Additionally, NSA and CISA encourage organizations to review the joint CSA for recommended steps and best practices to reduce the risk of malicious actors exploiting the identified misconfigurations. For more information on secure-by-design principles, visit Secure by Design and Security-by-Design and -Default.
CISA released one Industrial Control Systems (ICS) advisory on October 22, 2024. These advisories provide…
Cisco released its October 2024 Semiannual Cisco ASA, FMC, and FTD Software Security Advisory Bundled…
CISA released four Industrial Control Systems (ICS) advisories on October 24, 2024. These advisories provide…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
This website uses cookies.