Security News > 2022 > May > CISA issues advisory on top-10 attack vectors, finds hackers exploiting poor cyber practices
CISA issues advisory on top-10 attack vectors, finds hackers exploiting poor cyber practices.
Cybersecurity and Infrastructure Security Agency has released a news advisory stating that cyber criminals have been taking advantage of users' "Poor security configurations, weak controls and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim's system." Additionally, the agency as part of the statement reviews the 10 most prevalent ways hackers breach networks and the methods companies can use to help mitigate the risk faced by potential attacks.
"By following CISA's recommendations, organizations can drastically improve their security posture and resilience to cyberattack. That said, many of these items can be difficult to implement, especially at organizations that don't already have a strong culture of cybersecurity. It's also difficult for an organization without an existing culture to know where to begin as well."
In order to best avoid cyber criminals gaining access to the system or network in question, it is recommended that the user or organization managing the device always follow best practices when it comes to protecting against potential cyberattacks.
"This is particularly true for organizations with large environments, legacy dependencies, or limited resources for staff or budget. As such, it's critical for every organization to adopt a true culture of security to evaluate their individual risk, which best practices can be implemented quickly, and form both a short- and long-term strategy for defense. A is a great thing to have, but not all organizations will have the resources to build and staff their own."
Also See Share: CISA issues advisory on top-10 attack vectors, finds hackers exploiting poor cyber practices.
News URL
Related news
- North Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
- CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- North Korean govt hackers linked to Play ransomware attack (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)