How to stop ransomware – Seven steps to protect your enterprise
There are seven steps that will help your company fight off ransomware attacks.
Rethinking the current cybersecurity landscape
Pressing the reset button on security is only possible by disregarding the old-school ring-fencing and the rigid firewalls of the moat-castle mindset and embracing the zero trust mentality.
ISC StormCast for Monday, September 27th, 2021
Mobile Device Inventory via Active Sync
https://isc.sans.edu/forums/diary/Keep+an+Eye+on+Your+Users+Mobile+Devices+Simple+Inventory/27868/
Autodiscover Attacks
https://autodiscover-vulnerable-tlds.com
https://wiki.mozilla.org/Public_Suffix_List
https://www.guardicore.com/labs/autodiscovering-the-great-leak/
Three More 0-Day Vulnerabilities in iOS
https://habr.com/en/post/579714/
original russian version: https://habr.com/en/post/579716/
Cisco CAPWAP Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-capwap-rce-LYgj8Kf
Sonicwall SMA 100 Series Vulnerablity
https://www.sonicwall.com/support/product-notification/security-notice-critical-arbitrary-file-delete-vulnerability-in-sonicwall-sma-100-series-appliances/210819124854603/
5 minutes with David Bradbury – Hiring globally to prevent security burnout
Increasing workloads and attacks on organizations are a major source of burnout among security professionals. David Bradbury, Chief Security Officer at Okta, explains how hiring globally can help reduce the burden on security employees that are already overworked.
Creating a culture of security for social butterflies
Ensure your employees understand the security risks of social media, provide awareness training and implement best practice policies for smarter socializing.
Hacking burnout: Addressing stress among security professionals
All too often, people feel they need to push their personal limits at work, at the expense of their mental, physical and emotional health. How can leadership combat burnout across security teams by prioritizing an employee’s well-being?
ISC StormCast for Friday, September 24th, 2021
Excel Recipe: Some VBA Code with a Touch of Excel4 Macro
https://isc.sans.edu/forums/diary/Excel+Recipe+Some+VBA+Code+with+a+Touch+of+Excel4+Macro/27864/
Windows Platform Binary Table Weakness
https://eclypsium.com/2021/09/20/everyone-gets-a-rootkit/
Apple Patches Older iOS/MacOS Versions
https://support.apple.com/en-us/HT201222
Broken Digital Signatures Used to Foil Malware Detection
https://blog.google/threat-analysis-group/financially-motivated-actor-breaks-certificate-parsing-avoid-detection/
ISC StormCast for Thursday, September 23rd, 2021
An XML-Obfustcated Office Document (CVE-2021-40444)
https://isc.sans.edu/forums/diary/An+XMLObfuscated+Office+Document+CVE202140444/27860/
Exchange Autodiscovering Leaks Credentials
https://www.guardicore.com/labs/autodiscovering-the-great-leak/
Nagios Vulnerabilities
https://claroty.com/2021/09/21/blog-research-securing-network-management-systems-nagios-xi/
Apple Deprecating TLS 1.0/1.1
https://developer.apple.com/news/?id=bv8ur34d
5 cybersecurity threats for businesses in 2021—and 3 tips to combat them
Whether you build up in-house expertise or find a trusted outside partner, cybersecurity can no longer be a project set on the back burner. Let’s walk through five prevalent cybersecurity threats for businesses, along with three helpful tips to combat them.
