2021 PAMIA Board Election Results
President – Martine Kersaint.
Secretary – Barry Kohler.
Treasurer – Randolph Cremer.
Members At Large – Katherine Mazza, John Paul Larson, Karen Topping.
The PAMIA Bylaws describe the board positions. One can be nominated for multiple positions. Term length is one year.
Serving on the board of a local biomed society earns points towards AAMI/ACI Certification renewals.
Product spotlight on school safety solutions
Security magazine highlights school security solutions that can be component of a comprehensive and holistic security program.
Just 49% of organizations have funds for current cybersecurity needs
Only 49% of organizations have the budget to meet current cybersecurity needs and 11% can protect only their most critical assets, says NISC survey.
$3M allocation supports Massachusetts-based cybersecurity center
A Cybersecurity Center of Excellence will be established
at Massachusetts-based Springfield Technical Community College at Springfield Union Station.
ISC StormCast for Monday, February 6th, 2023
Assemblyline as a Malware Analysis Sandbox
https://isc.sans.edu/diary/Assemblyline%20as%20a%20Malware%20Analysis%20Sandbox/29510
GoAnywhere MFT zero-day Exploited
https://www.rapid7.com/blog/post/2023/02/03/exploitation-of-goanywhere-mft-zero-day-vulnerability/
Ransomware targeting VMware ESXi
https://blog.ovhcloud.com/ransomware-targeting-vmware-esxi/
Jira Service Managment Server and Data Center Advisory CVE-2023-22501
https://confluence.atlassian.com/jira/jira-service-management-server-and-data-center-advisory-cve-2023-22501-1188786458.html
OpenSSH Update
https://www.openssh.com/releasenotes.html
F5 BigIP Vulnerability CVE-2023-22374
https://my.f5.com/manage/s/article/K000130415
ISC StormCast for Friday, February 3rd, 2023
Rotating Packet Captures with pfSense
https://isc.sans.edu/diary/Rotating%20Packet%20Captures%20with%20pfSense/29500
BEC Group Incorporates Secondary Impersonated Personas
https://intelligence.abnormalsecurity.com/blog/firebrick-ostrich-third-party-reconnaissance-attacks
MalVirt .Net Virtualization Thrives in Malvertising Attacks
https://www.sentinelone.com/labs/malvirt-net-virtualization-thrives-in-malvertising-attacks/
Cisco Remote Code Execution with Persistence
https://www.trellix.com/en-us/about/newsroom/stories/research/when-pwning-cisco-persistence-is-key-when-pwning-supply-chain-cisco-is-key.html
How to effectively communicate cybersecurity best practices to staff
Organizations that creatively and consistently engage employees in cybersecurity best practices stand a better chance of protecting systems and data.
Bolstering defenses amid evolving threats & cyber pro burnout
Cybersecurity is a continuous effort because, as systems evolve, so do attackers; however, best practices can bolster cybersecurity posture.
ISC StormCast for Thursday, February 2nd, 2023
Detecting Malicious OneNote Files
https://isc.sans.edu/diary/Detecting%20%28Malicious%29%20OneNote%20Files/29494
Microsoft Defender Device Isolation for Linux
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/announcing-device-isolation-support-for-linux/ba-p/3676400
SH1MMER Exploit for Chromebooks
https://sh1mmer.me
DOMPDF SVG Parsing Vulnerability
https://github.com/dompdf/dompdf/security/advisories/GHSA-3cw5-7cxw-v5qg
CISA provides guidelines to safeguard K-12 groups from cyber threats
CISA releases Protecting Our Future, which aims to support K-12 organizations with guidelines to prioritize their fight against cybersecurity risks.
