The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise networks. While these poor practices may be common, organizations can apply basic practices, such as the following, to help protect their systems:
- Control access.
- Harden credentials.
- Establish centralized log management.
- Use antivirus solutions.
- Employ detection tools.
- Operate services exposed on internet-accessible hosts with secure configurations.
- Keep software updated.
CISA encourages organizations to review Weak Security Controls and Practices Routinely Exploited for Initial Access and apply the recommended mitigations.