Most prevalent cybersecurity misconfigurations uncovered

BleepingComputer reports that default software and app configurations, improper user/admin privilege separation, inadequate internal network monitoring, lacking network segmentation, and subpar patch management were noted by the National Security Agency and the Cybersecurity and Infrastructure Security Agency to be the most prevalent cybersecurity misconfigurations across large organizations in the U.S. Other common misconfigurations observed across the networks of the Department of Defense and other federal agencies, governments, and the private sector include system access control bypass, weak multi-factor authentication approaches, deficient access control lists, inferior credential hygiene, and unrestricted code execution, according to the joint NSA and CISA advisory. Organizations' network defender teams have been urged by the agencies to remove default credentials, deactivate unused services, ensure updated systems, and properly manage administrative accounts and privileges. Such misconfigurations should also prompt the implementation of secure-by-design principles and proactive misconfiguration-combating policies among software manufacturers, said CISA Executive Assistant Director for Cybersecurity Eric Goldstein.