AdvisoriesAA23-278AOctober 5, 2023
October 5, 2023
The NSA and CISA have released a joint cybersecurity advisory detailing the top 10 most common network misconfigurations observed in large organizations, which include issues such as default software configurations and poor patch management. To address these vulnerabilities, the agencies emphasize the importance of organizations strengthening their network defenses by adopting recommended practices and urge software manufacturers to adopt secure-by-design principles, eliminating default passwords, and making multi-factor authentication a default feature.
October 9, 2023
This advisory underscores a pressing concern in cybersecurity: rampant misconfigurations in large organizations, with unrestricted code execution standing out as a particularly high risk. Adversaries will typically use an unverified program or command with no legitimate purpose or business reason for running on the endpoint to execute any number of malicious things. General mitigation advice says to limit or monitor the use of executables and command execution on each endpoint. However, this approach is unrealistic at scale, as the maintenance and monitoring of such activities would overwhelm most modern SOC teams. Instead, a more future-proof solution is to replace the underlying operating system altogether. Instead of servers, use containers. Instead of laptops, use mobile devices or Chromebooks. These devices are “secure by design”, which means the operating system treats security as a leading priority and limits most code execution out of the box.
Be immediately notified of new advisories and associated security tests
AdvisoryCISAAA24-207AJuly 25, 2024
