LINK I thought this was well written. I suggest taking a look at vulnerability scanning and the frequency of the scanning.
Category: How To
Researchers put together a list of vulnerabilities abused by Ransomware – Look for these immediately
LINK To make it easy, I pulled it and created a simple txt list you can use. These are some of the initial access methods.

Pulse Secure VPN: CVE-2021-22893, CVE-2020-8260, CVE-2020-8243, CVE-2019-11539, CVE-2019-11510
Citrix: CVE-2020-8196, CVE-2020-8195, CVE-2019-19781, CVE-2019-11634
Microsoft Exchange: CVE-2021-34523, CVE-2021-34473, CVE-2021-31207, CVE-2021-26855
Fortinet: CVE-2020-12812, CVE-2019-5591, CVE-2018-13379
SonicWall: CVE-2021-20016, CVE-2020-5135, CVE-2019-7481
F5: CVE-2021-22986, CVE-2020-5902
Palo Alto: CVE-2020-2021, CVE-2019-1579
QNAP: CVE-2021-28799, CVE-2020-36198
Sophos: CVE-2020-12271
SharePoint: CVE-2019-0604
Microsoft Windows: CVE-2019-0708, CVE-2020-1472, CVE-2021-31166, CVE-2021-36942
Microsoft Office: CVE-2017-0199, CVE-2017-11882, CVE-2021-40444
vCenter: CVE-2021-21985
Accellion: CVE-2021-27101, CVE-2021-27104, CVE-2021-27102, CVE-2021-27103
FileZen: CVE-2021-20655
Atlassian: CVE-2021-26084
Zoho Corp: CVE-2021-40539
Microsoft Azure: CVE-2021-38647
Microsoft releases comments on PrintNightmare updates – Details in Post here
LINK Essentially, they are saying the patch was released as it was meant to be installed, but additional actions are required for registry changes that set Point and Print to an insecure configuration. In ALL cases, apply the CVE-2021-34527 security update. The update will not change existing registry settings. After applying the security update, review the registry settings […]
Using the Risk Management Process to Effect Change
Over the many years I have been in IT and Security, one item repeatedly comes up. How can a Security Organization effect change when the operations and “regular people” are unwilling to make changes? It is a maddening problem. You know these issues need to be resolved, but the “regular people”, the owners, the customers […]
CISA releases Best Practices to mitigate any Ransomware
LINK This is a good document. Not all may apply to you but most will. A lot of the data here provides a good list of items that can help pressure business owners and other service owners to make appropriate changes to avoid catastrophic infections by ransomware.
My Ideal Home Network
The design of the Home Network, in my opinion, has changed in the last 10 years because of the rise of all the IoT devices as well as phones. As a part of documenting this, I was taking a look at what I have implemented at home to see what I can change as well. […]
Zero Trust Model
LINK to an NSA PDF doc. I suggest everyone who is not read up on this read this document. The Zero Trust Security Model as written is a set of principles that should be applied to access/assets/services/processes/etc. A good document to live by.
CIS offers Ransomware Protection Service to all US Hospitals (for free)
LINK The MDBR service, powered by systems maintained by CIS and Akamai, automatically blocks domains associated with cyber threats including ransomware, malware, and phishing after the organizations switch their DNS provider to Akamai’s DNS server.
Time to Learn – READ the Terms of Service and own your Infrastructure
Not meant to be a political post at all, just something to learn and understand for business. This is just a perfect example of the point for this article. Parler was kicked off Amazon Web Services. So their entire infrastructure was essentially turned off because it violated AWS’s terms of service. So my advice to […]
Apache / WebLogic Best Practices
I found a link that has some great information on Apache / WebLogic Best Practices from the firm OpenLogic: LINK