#NSA and #CISA Red and Blue Teams Share Top Ten #Cybersecurity Misconfigurations

source: https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a

1) Default configurations of software and applications
2) Improper separation of user/administrator privilege
3) Insufficient internal network monitoring
4) Lack of network segmentation
5) Poor patch management
6) Bypass of system access controls
7) Weak or misconfigured multifactor authentication (MFA) methods
8) Insufficient access control lists (ACLs) on network shares and services
9) Poor credential hygiene
10) Unrestricted code execution

#usa #internet #security #administrator #configuration #knowledge #knowhow #top10 #network #login