Переходьте в офлайн за допомогою програми Player FM !
67 - CISA vs. Snake Oil
Manage episode 328928345 series 2943439
Or at least that's my analysis of CISA Alert AA22-137A
It doesn't matter what fancy tools you have if you're using and configuring them incorrectly.
This episode is also available on YouTube: https://youtu.be/MJLpCTG_kqI
In this episode I'm going to review CISA Alert (AA22-137A)
https://www.cisa.gov/uscert/ncas/alerts/aa22-137a
Weak Security Controls and Practices Routinely Exploited for Initial Access
Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joint Cybersecurity Advisory identifies commonly exploited controls and practices and includes best practices to mitigate the issues. This advisory was coauthored by the cybersecurity authorities of the United States,[1],[2],[3] Canada,[4] New Zealand,[5],[6] the Netherlands,[7] and the United Kingdom.[8]
Download the PDF version of this report (pdf, 430kb).
--- Support this podcast: https://podcasters.spotify.com/pod/show/amplifiedandintensified/support87 епізодів
Manage episode 328928345 series 2943439
Or at least that's my analysis of CISA Alert AA22-137A
It doesn't matter what fancy tools you have if you're using and configuring them incorrectly.
This episode is also available on YouTube: https://youtu.be/MJLpCTG_kqI
In this episode I'm going to review CISA Alert (AA22-137A)
https://www.cisa.gov/uscert/ncas/alerts/aa22-137a
Weak Security Controls and Practices Routinely Exploited for Initial Access
Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joint Cybersecurity Advisory identifies commonly exploited controls and practices and includes best practices to mitigate the issues. This advisory was coauthored by the cybersecurity authorities of the United States,[1],[2],[3] Canada,[4] New Zealand,[5],[6] the Netherlands,[7] and the United Kingdom.[8]
Download the PDF version of this report (pdf, 430kb).
--- Support this podcast: https://podcasters.spotify.com/pod/show/amplifiedandintensified/support87 епізодів
Усі епізоди
×Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.