Updated: Kubernetes Hardening Guide

The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community.

Kubernetes is an open-source system that automates deployment, scaling, and
management of applications run in containers. A container is a runtime
environment that contains a software package and its dependencies. Kubernetes
is often hosted in a cloud environment. The CTR provides recommended
configuration and hardening guidance for setting up and securing a Kubernetes
cluster.

CISA encourages users and administrators to review the updated Kubernetes Hardening Guide—which includes additional detail and explanations—and apply the hardening measures and mitigations to manage associated risks.

Changes to CISSP Exam Process

Beginning June 1, 2022, the CISSP exam in the Computerized Adaptive Testing (CAT) format will contain 50 pretest (unscored) items, which will increase the minimum and maximum number of items candidates will need to respond to from 100-150 to 125-175 items during the exam. To allow for these additional items, the maximum exam administration time will increase from three to four hours.

The additional 25 pretest items are evaluated for inclusion as operational (scored) items in future exams; however, as these pretest items are indistinguishable from operational (scored) items, candidates should consider each item carefully and select the best possible answer. Responses to pretest items do not impact a candidate’s score or the pass/fail result on their examination.

The CISSP CAT exam currently contains 25 pretest items. The
addition of another 25 enables (ISC)² to continue expanding our item bank to
strengthen the integrity and security of the CISSP for all those who earn the
certification.

There are no other changes to the content of the CISSP exam.
The domains and domain weights contained within the CISSP exam outline have not changed.

CISSP exams scheduled on or after June 1, 2022 will reflect
these changes. If you or your students have questions or need assistance,
please contact examadministration@isc2.org.

New Version of CISM Exam Process

The new courseware is out. You have to decide whether you would like to take the old test by May 1 or the new content on June 1 and beyond.

The new content is as follows:

1 Information Security Governance

A Enterprise Governance

1A1 Organizational Culture

1A2 Legal, Regulatory, and Contractual Requirements

1A3 Organizational Structures, Roles, and Responsibilities

B Information Security Strategy

1B1 Information Security Strategy Development

1B2 Information Governance Frameworks and Standards

1B3 Strategic Planning (e.g., budgets, resources, business case)

2 Information Security Risk Management

A Information Security Risk Assessment

2A1 Emerging Risk and Threat Landscape

2A2 Vulnerability and Control Deficiency Analysis

2A3 Risk Assessment and Analysis

B Information Security Risk Response

2B1 Risk Treatment / Risk Response Options

2B2 Risk and Control Ownership

2B3 Risk Monitoring and Reporting

3 Information Security Program

A Information Security Program Development

3A1 Information Security Program Resources (e.g., people, tools, technologies)

3A2 Information Asset Identification and Classification

3A3 Industry Standards and Frameworks for Information Security

3A4 Information Security Policies, Procedures, and Guidelines

3A5 Information Security Program Metrics

B Information Security Program Management

3B1 Information Security Control Design and Selection

3B2 Information Security Control Implementation and Integrations

3B3 Information Security Control Testing and Evaluation

3B4 Information Security Awareness and Training

3B5 Management of External Services (e.g., providers, suppliers, third parties, fourth parties)

3B6 Information Security Program Communications and Reporting

4 Incident Management

A Incident Management Readiness

4A1 Incident Response Plan

4A2 Business Impact Analysis (BIA)

4A3 Business Continuity Plan (BCP)

4A4 Disaster Recovery Plan (DRP)

4A5 Incident Classification/Categorization

4A6 Incident Management Training, Testing, and Evaluation

B Incident Management Operations

4B1 Incident Management Tools and Techniques

4B2 Incident Investigation and Evaluation

4B3 Incident Containment Methods

4B4 Incident Response Communications (e.g., reporting, notification, escalation)

4B5 Incident Eradication and Recovery

4B6 Post-incident Review Practices

Updated CISM Exam Content Outline Effective Beginning 1 June 2022

To learn more, go here.

Updated: Conti Ransomware

CISA, the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and the United States Secret Service (USSS) have re-released an advisory on Conti ransomware. Conti cyber threat actors remain active, and reported Conti ransomware attacks against U.S. and international organizations have risen to more than 1,000.

CISA, the FBI, NSA, and the USSS encourage organizations to review AA21-265A: Conti Ransomware, which includes new indicators of compromise, for more information. See Shields Up and StopRansomware.gov for ways to respond against disruptive cyber activity.

Just released 2022 Annual Threat Assessment of the U.S. Intelligence Community

The Office of the Director of National Intelligence has released an annual report providing an assessment of worldwide threats to U.S. national security.

The 2022 Annual Threat Assessment of the U.S. Intelligence Community was released in accordance with Section 617 of the Intelligence Authorization Act for fiscal year 2021, ODNI said Tuesday.

The report details the national security challenges posed by China, Russia, Iran and North Korea to the U.S. across various areas, including military capabilities, economy, cyber and space domain.

The document explains how China works to modify global norms and threaten its neighbors and discusses Russia’s willingness to use military force to “impose its will on neighbors” as seen in Ukraine and other countries.

Other issues covered in the report are health security concerns including infectious diseases and the COVID-19 pandemic, climate change and environmental degradation, transnational organized crime, violent extremism, illicit drugs and surges in migration.

Article was posted on (executivegov.com)

Introduction to Cybersecurity for Commercial Satellite Operations

Introduction to Cybersecurity for Commercial Satellite Operations: 2nd Draft of NISTIR 8270 is Available for Comment

Space operations are vital to advancing the security, economic prosperity, and scientific knowledge of the Nation. However, cyber-related threats to space assets and their supporting infrastructure pose increasing risks to the economic promise of emerging markets in space. This second draft of NISTIR 8270, Introduction to Cybersecurity for Commercial Satellite Operations, presents a specific method for applying the Cybersecurity Framework (CSF) to commercial space business and describes an abstracted set of cybersecurity outcomes, requirements, and suggested controls.

The draft also:

  • Clarifies scope with an emphasis on the satellite itself,
  • Updates examples for clarity,
  • Adds more detailed steps for developing a current and target profile and risk analysis, and
  • Provides references for relevant regulations around commercial space.

Reviewers are asked to provide feedback on additional threat models that might help in the development of organization profiles, informative references on the application of security controls to satellites, and standards or informative references that might benefit all readers.

The public comment period is open through April 8, 2022. See the publication details for a copy of the draft and instructions for submitting comments.

WARNING QR Code Scanner: Add-On on Android

TeaBot, posing as “QR Code Scanner: Add-On”, is downloaded from two specific GitHub repositories created by the user feleanicusor. It has been verified that those repositories contained multiple TeaBot samples starting from Feb 17, 2022.

As reported at TeaBot is now spreading across the globe | Cleafy Labs

Background and key points

TeaBot is an Android banking trojan that emerged at the beginning of 2021, designed for stealing victims’ credentials and SMS messages.

TeaBot RAT capabilities are achieved via the device screen’s live streaming (requested on-demand) plus the abuse of Accessibility Services for remote interaction and key-logging. This enables Threat Actors (TAs) to perform ATO (Account Takeover) directly from the compromised phone, also known as “On-device fraud”.

Initially, TeaBot was distributed through smishing campaigns using a predefined list of lures, such as TeaTV, VLC Media Player, DHL, UPS and others. Recent samples show how TAs are evolving their side-loading techniques, including the distribution of applications on the official Google Play Store, also known as “dropper applications”.

In the last months, we detected a major increase of targets, which now count more than 400 applications, including banks, crypto exchanges/wallets and digital insurance, and new countries such as Russia, Hong Kong, and the US.

See the full report here.

NIST Releases Ransomware Risk Management Cybersecurity Framework Profile & Quick Start Guide

Final Ransomware Risk Management Cybersecurity Framework Profile & Quick Start Guide Released Today!

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. In some instances, attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information to authorities, competitors, or the public. This serious cybersecurity challenge is becoming more widespread.

To help address this challenge, NIST is releasing two guides:

The final Ransomware Risk Management: A Cybersecurity Framework Profile (NISTIR 8374) incorporates feedback from earlier drafts and is based on the broader Cybersecurity Framework Version 1.1. It can be used as a guide to manage the risk of ransomware events—which includes helping to gauge an organization’s level of readiness to counter ransomware threats and to deal with the potential consequences of events.

NIST has also developed a companion quick start guide called Getting Started with Cybersecurity Risk Management: Ransomware, designed for organizations—including those with limited resources to address cybersecurity challenges—to easily understand the advice given in the Profile and to get guidance on what they can begin implementing today. It’s important to recognize that you don’t need to do everything all at once…getting started is the key!

Read More

High-severity vulnerability in the UpdraftPlus WordPress plugin

 Our new UpdraftPlus release, 1.22.3 (free version) / 2.22.3 (paid versions) is a security release. The short version is: you should update. To get the details, read on!

On the evening of February 15th, we received a security defect report from security researcher Marc-Alexandre Montpas of Automattic, who during an audit of UpdraftPlus found a previously unknown defect in current versions of UpdraftPlus, which has had a CVE identifier reserved of CVE-2022-23303.

This defect allows any logged-in user on a WordPress installation with UpdraftPlus active to exercise the privilege of downloading an existing backup, a privilege which should have been restricted to administrative users only. This was possible because of a missing permissions check on code related to checking current backup status. This allowed the obtaining of an internal identifier which was otherwise unknown, and could then be used to pass a check upon permission to download.

This means that if your WordPress site allows untrusted users to have a WordPress login, and if you have any existing backup, then you are potentially vulnerable to a technically skilled user working out how to download the existing backup. Affected sites are at risk of data loss / data theft via the attacker accessing a copy of your site’s backup, if your site contains anything non-public. I say “technically skilled”, because at that point, no public proof of how to leverage this exploit has been made. At this point in time, it relies upon a hacker reverse-engineering the changes in the latest UpdraftPlus release to work it out. However, you should certainly not rely upon this taking long, but should update immediately. If you are the only user on your WordPress site, or if all your users are trusted, then you are not vulnerable, but we still recommend updating in any case.

Users who are using UpdraftPlus Premium’s feature for encrypting your database backup are protected against data loss/theft from this problem, assuming that you have kept your encryption password secret. (There is no known vulnerability allowing the attacker to also access this.) In such cases, only any confidential information in the backup of your files is at risk (and then usually only your media/upload files, since plugins and themes are usually only public code that contains nothing sensitive, being downloadable from their original supplier/author by any member of the public). Note also that the WordPress database, following modern security standards, hashes stored passwords. This means that your WordPress login password is protected even from someone who has obtained an unencrypted copy of it.

This information is now being released approximately a day after updated, secured versions of UpdraftPlus became available. During that time, the majority of sites have been updated.

Again, we urge all users to update if they have not done so already. We at UpdraftPlus sincerely apologise for any and all inconvenience that has been caused, and wish to thank Marc for working together with us. From the moment we received the report, it was “all hands on deck”. An update was pushed to Premium users within the hour. We have lost a good amount of sleep, because your sites and their backups matter to us, and we will continue working hard to make sure that continues to be the case.

(Addendum: versions 1.22.4 / 2.22.4 have subsequently been released, which deals with a conflict with a bug in a popular third-party plugin, via adding a work-around (we have also reported the issue to the plugin author)).

From https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/
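The defect class the advisory describes, a status endpoint that lacks a capability check and thereby leaks an internal identifier which a download endpoint later accepts as sufficient, is shown here as an added illustration in WordPress plugin terms. This is constructed example code, not UpdraftPlus’s own; the action names, `demo_` functions and the sample backup list are hypothetical.

```php
<?php
// Added example (not UpdraftPlus code): a WordPress admin-ajax backup-status
// handler without a capability check, beside a hardened version. All names
// here (demo_*, 'demo_backup_nonce', the sample backup list) are constructed.

// Constructed stand-in for the plugin's backup catalogue; the array key is the
// internal identifier that should stay unknown to non-admins.
function demo_get_backups() {
    return array(
        '1645000000' => array( 'path' => WP_CONTENT_DIR . '/demo-backups/backup_1645000000.zip' ),
    );
}

// VULNERABLE pattern: every logged-in user can invoke wp_ajax_* actions, so
// without a capability check this handler hands out the internal identifiers.
function demo_backup_status_vulnerable() {
    wp_send_json_success( array( 'backups' => array_keys( demo_get_backups() ) ) );
}

// HARDENED pattern: verify the nonce (CSRF) and require the admin capability
// on the status endpoint itself, not only on the download endpoint.
function demo_backup_status_hardened() {
    check_ajax_referer( 'demo_backup_nonce', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( 'forbidden', 403 );
    }
    wp_send_json_success( array( 'backups' => array_keys( demo_get_backups() ) ) );
}

// Download endpoint: knowing an identifier must never substitute for a
// capability check, so the same authorization is repeated here.
function demo_backup_download() {
    check_ajax_referer( 'demo_backup_nonce', 'nonce' );
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'forbidden', '', array( 'response' => 403 ) );
    }
    $id      = isset( $_POST['backup_id'] ) ? sanitize_key( $_POST['backup_id'] ) : '';
    $backups = demo_get_backups();
    if ( ! isset( $backups[ $id ] ) ) {
        wp_die( 'unknown backup', '', array( 'response' => 404 ) );
    }
    // Stream $backups[ $id ]['path'] to the administrator here.
    wp_die();
}

// Register only the hardened handlers; the vulnerable one is kept for contrast.
add_action( 'wp_ajax_demo_backup_status', 'demo_backup_status_hardened' );
add_action( 'wp_ajax_demo_backup_download', 'demo_backup_download' );
```

A quick audit check for this class of bug is to list every `wp_ajax_` callback in a plugin and confirm each one calls `current_user_can()` (and a nonce check) before returning or acting on anything non-public.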

ISC2 has some Free Entry-Level Cybersecurity

Share a Free Entry-Level Cybersecurity Certification Exam Voucher

Share the Link: www.isc2.org/Voucher-Offer 

Share the Code: CYBERSTART

Limited, so act fast.

As a pilot program participant, you will help us evaluate the effectiveness of the exam and its ability to accurately assess candidates’ grasp of the subject matter (also called domains) on which the exam is based. By passing the pilot exam, you will earn full certification at the conclusion of the pilot program.

The entry-level cybersecurity certification will prove to employers you have the foundational knowledge, skills and abilities necessary for an entry- or junior-level cybersecurity role. It will signal your understanding of fundamental security best practices, policies and procedures, as well as your willingness and ability to learn more and grow on the job.

Sign up below to learn more about the entry-level cybersecurity certification pilot program and available education courses to support your journey to a cybersecurity career.

There are five domains to this certification, listed below. For further details, visit the Exam Outline.

  • Security Principles
  • Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
  • Access Controls Concepts
  • Network Security
  • Security Operations