Weak Security Controls and Practices Routinely Exploited for Initial Access

Original release date: May 17, 2022

The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise networks. While these poor practices may be common, organizations can apply basic practices, such as the following, to help protect their systems:

Control access.
Harden credentials.
Establish centralized log management.
Use antivirus solutions.
Employ detection tools.
Operate services exposed on internet-accessible hosts with secure configurations.
Keep software updated.

CISA encourages organizations to review Weak Security Controls and Practices Routinely Exploited for Initial Access and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin

Next Mozilla Releases Security Products for Multiple Firefox Products »

Previous « Threat Actors Exploiting F5 BIG IP CVE-2022-1388

This website uses cookies.

Weak Security Controls and Practices Routinely Exploited for Initial Access

Recent Posts

MyDoom.B Virus

Multiple Vulnerabilities in Microsoft Internet Explorer

HTTP Parsing Vulnerabilities in Check Point Firewall-1

Multiple Vulnerabilities in Microsoft Windows

Vulnerability in Microsoft Outlook 2002

Multiple Vulnerabilities in OpenSSL