The Top Ten List of Why You Got Hacked This Year (2023/2024) 

BHIS presents a concise top-ten list of the most common weaknesses leading to compromise observed in penetration testing: insufficient firewall/segmentation, missing message integrity (SMB/LDAP signing), insecure defaults, poor patching and inventory, weak protocol misuse (LLMNR/WPAD/mDNS), vulnerable web applications, social engineering/help-desk abuse, limited detection/optics, ADCS certificate enrollment weaknesses, and weak/ reused credentials — emphasizing that these categories remain primary drivers of successful intrusions.