Cybersecurity Authorities List Top 10 Attack Vectors Exploited By Hackers

Share post:

A joint security advisory issued by several national cybersecurity authorities has identified the ten attack vectors most exploited by threat actors.

These attack vectors include the failure to enable multi-factor authentication, improperly applied privileges or permissions and errors in access control lists, out-of-date software, and the use of vendor-supplied default configurations or default login usernames and passwords.

Others include the lack of sufficient control by remote services, failure to implement strict password policies, unprotected cloud services, open ports, misconfigured services, failure to detect or block phishing attempts, and poor endpoint detection and response.

The joint advisory highlights a list of security measures that organizations can take to eliminate poor security measures.

Security measures include the use of control access, hardened MFA credentials and standard password reset, centralized log management, and antivirus and detection tools (including intrusion detection and prevention systems).

The sources for this piece include an article in BleepingComputer.



Related articles

Okta’s login flaw exposes users to attack, says Mitiga

According to Mitiga, Okta's login system contains a simple error that could expose its users to future attacks. Users...

Musk’s failed takeover attempt caused his departure from OpenAI

According to a Semafor report, Musk's departure from OpenAI in 2018 was not due to a desire to...

Replika brings back erotic roleplay

Replika has reinstated erotic roleplay for some of its users after recently removing adult content. Customers have welcomed the...

GPT-4 shows human-level performance

Microsoft AI researchers published a paper claiming that the OpenAI language model powering Microsoft's Bing AI exhibits "sparks"...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways