Cybersecurity Authorities List Top 10 Attack Vectors Exploited By Hackers

A joint security advisory issued by several national cybersecurity authorities has identified the ten attack vectors most exploited by threat actors.

These attack vectors include the failure to enable multi-factor authentication, improperly applied privileges or permissions and errors in access control lists, out-of-date software, and the use of vendor-supplied default configurations or default login usernames and passwords.

Others include the lack of sufficient control by remote services, failure to implement strict password policies, unprotected cloud services, open ports, misconfigured services, failure to detect or block phishing attempts, and poor endpoint detection and response.

The joint advisory highlights a list of security measures that organizations can take to eliminate poor security measures.

Security measures include the use of control access, hardened MFA credentials and standard password reset, centralized log management, and antivirus and detection tools (including intrusion detection and prevention systems).

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web