NCSC advisory highlights poor security configurations

The GCSB's National Cyber Security Centre (NCSC) has released a cyber security advisory identifying commonly exploited controls and practices.

The advisory, issued in conjunction with CERT NZ and cyber security authorities in the US, Canada, the Netherlands and the UK, also offers best practices for mitigating these issues.

The NCSC notes that malicious cyber actors regularly exploit poor security configurations, whether misconfigured or simply left unsecured.

They also exploit weak controls and other poor cyber hygiene practices to gain initial access, or as one step in a broader strategy to compromise a system.

Common targets for cyber actors include:


  • Multifactor authentication not being enforced

  • Incorrectly applied privileges or permissions and errors within access control lists

  • Software that needs to be updated

  • Use of vendor-supplied default configurations or default login usernames and passwords

  • Remote services, including a VPN, lacking adequate controls to prevent unauthorised access

  • Strong password policies not being implemented

  • Unprotected cloud services

  • Open ports and misconfigured services that are exposed to the internet

  • Failure to detect or block phishing attempts

  • Poor endpoint detection and response

The joint advisory recommends following a variety of practices that can help a company to strengthen its network defences.

Recommendations include applying credential hardening, making access control stronger, using centralised log management, providing detection tools and antivirus programmes, maintaining robust configuration management programmes and creating a software patch management programme.

The release of this advisory comes after the NCSC issued a cyber security advisory in collaboration with its international partners detailing common vulnerabilities and exposures, including the 15 most commonly exploited of 2021.

The NCSC notes that d ..