Weak Security Controls and Practices Routinely Exploited for Initial Access

Original release date: May 17, 2022

The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise networks. While these poor practices may be common, organizations can apply basic practices, such as the following, to help protect their systems:

Control access.
Harden credentials.
Establish centralized log management.
Use antivirus solutions.
Employ detection tools.
Operate services exposed on internet-accessible hosts with secure configurations.
Keep software updated.

CISA encourages organizations to review Weak Security Controls and Practices Routinely Exploited for Initial Access and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next Mozilla Releases Security Products for Multiple Firefox Products »

Previous « Threat Actors Exploiting F5 BIG IP CVE-2022-1388

This website uses cookies.

Weak Security Controls and Practices Routinely Exploited for Initial Access

Recent Posts

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Releases Three Industrial Control Systems Advisories

Microsoft Releases Out-of-Band Security Update to Mitigate Windows Server Update Service Vulnerability, CVE-2025-59287

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Releases Eight Industrial Control Systems Advisories

CISA Adds One Known Exploited Vulnerability to Catalog