NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations.
The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybersecurity misconfigurations in large organizations and detail the tactics, techniques, and procedures (TTPs) actors use to exploit these misconfigurations.
Through NSA and CISA Red and Blue team assessments, as well as through the activities of NSA and CISA Hunt and Incident Response teams, the agencies identified the following 10 most common network misconfigurations:1. Default configurations of software and applications2. Improper separation of user/administrator privilege3. Insufficient internal network monitoring4. Lack of network segmentation5. Poor patch management6. Bypass of system access controls7. Weak or misconfigured multifactor authentication (MFA) methods8. Insufficient access control lists (ACLs) on network shares and services9. Poor credential hygiene10. Unrestricted code execution