AA22-108A: TraderTraitor: North Korean State-Sponsored APT Targets Blockchain Companies

Original release date: April 18, 2022 Summary Actions to take today to mitigate cyber threats to cryptocurrency: • Patch all systems. • Prioritize patching known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Use multifactor authentication. The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the…


AA22-103A: APT Cyber Tools Targeting ICS/SCADA Devices

Original release date: April 13, 2022 Summary Actions to Take Today to Protect ICS/SCADA Devices: • Enforce multifactor authentication for all remote access to ICS networks and devices whenever possible. • Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to mitigate password brute…


AA22-083A: Tactics, Techniques, and Procedures of Indicted State-Sponsored Russian Cyber Actors Targeting the Energy Sector

Original release date: March 24, 2022 Summary Actions to Take Today to Protect Energy Sector Networks: • Implement and ensure robust network segmentation between IT and ICS networks. • Enforce MFA to authenticate to a system. • Manage the creation of, modification of, use of—and permissions associated with—privileged accounts. This joint Cybersecurity Advisory (CSA)—coauthored by…


AA22-076A: Strengthening Cybersecurity of SATCOM Network Providers and Customers

Original release date: March 17, 2022 Summary Actions to Take Today: • Use secure methods for authentication. • Enforce principle of least privilege. • Review trust relationships. • Implement encryption. • Ensure robust patching and system configuration audits. • Monitor logs for suspicious activity. • Ensure incident response, resilience, and continuity of operations plans are…


AA22-074A: Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability

Original release date: March 15, 2022 Summary Multifactor Authentication (MFA): A Cybersecurity Essential • MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99 percent less likely to have an account compromised. • Every organization should enforce MFA for…


AA22-057A: Destructive Malware Targeting Organizations in Ukraine

Original release date: February 26, 2022 | Last revised: March 1, 2022 Summary Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Leading up to Russia’s…


AA22-055A: Iranian Government-Sponsored Actors Conduct Cyber Operations Against Global Government and Commercial Networks

Original release date: February 24, 2022 Summary Actions to Take Today to Protect Against Malicious Activity * Search for indicators of compromise. * Use antivirus software. * Patch all systems. * Prioritize patching known exploited vulnerabilities. * Train users to recognize and report phishing attempts. * Use multi-factor authentication. Note: this advisory uses the MITRE…


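Why IT Is Focusing on "Zero Trust"

SOCs buried in complex environments are now looking closely at integrated solutions that are effective at strengthening security. As we pointed out in an earlier post on this blog, now that cloud and mobile have become mainstream, the boundaries of security have become blurred. Companies cannot rely on firewalls alone to protect corporate information. So much data is in motion that the volume of data traveling to and from the cloud is now almost the same as the volume that stays inside the firewall. For that reason, companies are emphasizing a multifaceted approach to prepare for attacks launched through a variety of routes. Source: Symantec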
