CISA hosts Cyber Storm exercise with 200+ organizations
CISA’s Cyber Storm exercise simulates a significant cybersecurity incident impacting critical infrastructure to improve risk management, incident response planning, information sharing and cyber response activities.
Four security protocols to protect the new normal, a hybrid steady state
There are four security protocols to consider when reviewing an enterprise’s public cloud risk profile.
ISC StormCast for Wednesday, March 16th, 2022
Clean Binaries with Suspicious Behaviour
https://isc.sans.edu/forums/diary/Clean+Binaries+with+Suspicious+Behaviour/28444/
Misconfigured Multi-Factor Authentication Abused
https://www.cisa.gov/uscert/ncas/alerts/aa22-074a
German Office of Information Security Warns Kaspersky Users
https://www.bsi.bund.de/DE/Service-Navi/Presse/Pressemitteilungen/Presse2022/220315_Kaspersky-Warnung.html
Caddy Wiper Targeting Ukraine
https://www.welivesecurity.com/2022/03/15/caddywiper-new-wiper-malware-discovered-ukraine/
Fake Antivirus Targeting Ukraine
https://twitter.com/malwrhunterteam/status/1502302718140035080
B1txor20 DNS Tunnel Backdoor
https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en/
Avoid costly cybersecurity turnovers during March Madness
Don’t get too caught up in the excitement of March Madness. Cybercriminals will use social engineering, phishing, malware, ransomware and other cybersecurity strategies to wreak havoc. Boost security defenses now.
Protecting the enterprise from lateral movement attacks
Let’s look at lateral movement further and explore why it is important and how to minimize the impact of adversaries moving around your environment.
ISC StormCast for Tuesday, March 15th, 2022
Apple Updates Everything
https://isc.sans.edu/forums/diary/Apple+Updates+Everything+MacOS+123+XCode+133+tvOS+154+watchOS+85+iPadOS+154+and+more/28438/
Look Alike Accounts Used in Ukraine Dontation Scam Impersonating Olena Zelenska
https://isc.sans.edu/forums/diary/Look+Alike+Accounts+Used+in+Ukraine+Donation+Scam+impersonating+Olena+Zelenska/28440/
Curl on Windows
https://isc.sans.edu/forums/diary/Curl+on+Windows/28436/
Veeam Vulnerabilities
https://www.veeam.com/kb4288
Linux Netfilter Privilege Escalation
https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
ISC StormCast for Monday, March 14th, 2022
Malware Using WebSockets For C&C
https://isc.sans.edu/forums/diary/Keep+an+Eye+on+WebSockets/28430/
Racoon Stealer leverages Telegram
https://decoded.avast.io/vladimirmartyanov/raccoon-stealer-trash-panda-abuses-telegram/
USAHERDS Hack
https://www.wired.com/story/china-apt41-hacking-usaherds-log4j/
YARA 4.2.0 Released
https://isc.sans.edu/forums/diary/YARA+420+Released/28432/
Listen to Josh Yavor, Tessian CISO, talk burnout among security teams and executives
Josh Yavor, Chief Information Security Officer (CISO) at Tessian, talks about the “leap-of-faith” decision he made four years ago that helped address his own feelings of burnout, and how CISOs can lead by example, setting boundaries and accountability at the C-suite level.
User cybersecurity awareness starts with training
Security leaders, employees and users all play a part in cybersecurity success. Implementing employee awareness programs and user education initiatives can help bridge an organization’s security gaps.
