The US, along with Canada, New Zealand, the Netherlands, and the United Kingdom, issued a joint Cybersecurity Advisory on 10 routinely exploited weak security controls, configurations and practices that allow bad actors to compromise networks.
Cyber criminals exploit poor security configurations, weak controls and other practices to gain access to a victim’s system. Employers should consider implementing the following best practices to help protect systems:
- Control access.
- Harden credentials.
- Establish centralized log management.
- Use antivirus solutions.
- Employ detection tools.
- Operate services exposed on internet-accessible hosts with secure configurations.
- Keep software updated.
Review the guidance here for suggestions on practices to help strengthen network defenses against common exploited weak security controls and practices.
