LINK I thought this was well written. I suggest taking a look at vulnerability scanning and the frequency of the scanning.
LINK To make it easy, I pulled it and created a simple txt list you can use. These are some of the initial access methods.
Pulse Secure VPN: CVE-2021-22893, CVE-2020-8260, CVE-2020-8243, CVE-2019-11539, CVE-2019-11510
Citrix: CVE-2020-8196, CVE-2020-8195, CVE-2019-19781, CVE-2019-11634
Microsoft Exchange: CVE-2021-34523, CVE-2021-34473, CVE-2021-31207, CVE-2021-26855
Fortinet: CVE-2020-12812, CVE-2019-5591, CVE-2018-13379
SonicWall: CVE-2021-20016, CVE-2020-5135, CVE-2019-7481
F5: CVE-2021-22986, CVE-2020-5902
Palo Alto: CVE-2020-2021, CVE-2019-1579
QNAP: CVE-2021-28799, CVE-2020-36198
Sophos: CVE-2020-12271
SharePoint: CVE-2019-0604
Microsoft Windows: CVE-2019-0708, CVE-2020-1472, CVE-2021-31166, CVE-2021-36942
Microsoft Office: CVE-2017-0199, CVE-2017-11882, CVE-2021-40444
vCenter: CVE-2021-21985
Accellion: CVE-2021-27101, CVE-2021-27104, CVE-2021-27102, CVE-2021-27103
FileZen: CVE-2021-20655
Atlassian: CVE-2021-26084
Zoho Corp: CVE-2021-40539
Microsoft Azure: CVE-2021-38647
LINK Essentially, they are saying the patch was released as it was meant to be installed, but additional actions are required where registry changes have set Point and Print to an insecure configuration. In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings. After applying the security update, review the registry settings […]
Over the many years I have been in IT and Security, one item repeatedly comes up. How can a Security Organization effect change when the operations and “regular people” are unwilling to make changes? It is a maddening problem. You know these issues need to be resolved, but the “regular people”, the owners, the customers […]
LINK This is a good document. Not all may apply to you but most will. A lot of the data here provides a good list of items that can help pressure business owners and other service owners to make appropriate changes to avoid catastrophic infections by ransomware.
The design of the Home Network, in my opinion, has changed in the last 10 years because of the rise of all the IoT devices as well as phones. As a part of documenting this, I was taking a look at what I have implemented at home and seeing what I can change as well. […]
LINK to an NSA PDF doc. I suggest everyone who is not read up on this read this document. The Zero Trust Security Model as written is a set of principles that should be applied to access/assets/services/processes/etc. A good document to live by.
LINK The MDBR service, powered by systems maintained by CIS and Akamai, automatically blocks domains associated with cyber threats including ransomware, malware, and phishing after the organizations switch their DNS provider to Akamai’s DNS server.
Not meant to be a political post at all, just something to learn and understand for business. This is just a perfect example of the point for this article. Parler was kicked off Amazon Web Services. So their entire infrastructure was essentially turned off because it violated AWS’s terms of service. So my advice to […]
I found a link that has some great information on Apache / WebLogic Best Practices from the firm OpenLogic LINK