CISA Compiles Free Cybersecurity Services and Tools for Network Defenders

CISA has compiled and published a list of free cybersecurity services and
tools to help organizations reduce
cybersecurity risk and strengthen resiliency. This non-exhaustive living
repository includes services provided by CISA, widely used open source tools,
and free tools and services offered by private and public sector organizations
across the cybersecurity community. Before turning to the free offerings, CISA
strongly recommends organizations take certain foundational measures to
implement a strong cybersecurity program:

CISA encourages network defenders to take the measures above and consult the
list of free cybersecurity services and tools to reduce the likelihood of a
damaging cyber incident, detect malicious activity, respond to confirmed
incidents, and strengthen resilience.

CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure

Original release date: February 18, 2022

CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence
Operations Targeting Critical Infrastructure, which provides proactive steps
organizations can
take to assess and mitigate risks from information manipulation. Malicious
actors may use tactics—such as misinformation, disinformation, and
malinformation—to shape public opinion, undermine trust, and amplify division,
which can lead to impacts to critical functions and services across multiple
sectors.
 
Current social factors—including heightened polarization and the ongoing global
pandemic—increase the risk and potency of influence operations to U.S. critical
infrastructure. CISA encourages leaders at all organizations to review the CISA
Insights and follow the guidance to assess risk and increase
resilience.

Linux version of LockBit ransomware targets VMware ESXi servers

 LockBit is the latest ransomware gang whose Linux encryptor has been
discovered to be focusing on the encryption of VMware ESXi virtual
machines.

The enterprise is increasingly moving to virtual machines to save
computer resources, consolidate servers, and for easier backups.

Due to this, ransomware gangs have evolved their tactics to create
Linux encryptors that specifically target the popular VMware vSphere and
ESXi virtualization platforms over the past year.

While ESXi is not strictly Linux, it does share many of its
characteristics, including the ability to run ELF64 Linux executables.

To read the full article, go here:

https://www.bleepingcomputer.com/news/security/linux-version-of-lockbit-ransomware-targets-vmware-esxi-servers/?fbclid=IwAR3MsIQ82nRxC3vhmU9x-Nn_G_LJsUmEopzTXknWPrGl9LsHHrNNEmSyUeE

Wireless Risk Analysis and Security

 

Overview

The Greater Hartford Chapter of ISACA is pleased to present a “Wireless Risk Analysis and Security” webinar on Wednesday, February 9, 2022.

Wireless Risk Analysis and Security is a single-day course that provides a comprehensive view into the methods and mindset used by hackers to compromise wireless networks. Wireless can be complex and effective learning requires mastery of a new set of acronyms and how these technologies fit into the big picture.  

The Security professional will learn the skills and knowledge required to understand how wireless networks operate. This course provides the basis for performing wireless reconnaissance and exploitation using tools found in both Kali Linux and Windows. 

A real-world demo will demonstrate how security weaknesses are identified, compromised, and exploited to extract data in today’s wireless networks. Wireless Analysis & Exploitation (WAX) imparts these skills to the Security professional:

  • A review of networking fundamentals
  • A review of important Linux and Windows commands
  • Instruction on 802.11 Wi-Fi technologies including standards, Wi-Fi operation, devices, terminology, acronyms, antennas, radio frequency fundamentals, standard Wi-Fi security methods, and troubleshooting
  • Execution of reconnaissance activities
  • Execution of analysis activities
  • Approaches to “what happens next” once the Security professional has keys to the 802.11 network
  • A discussion of non-802.11 wireless technologies such as Bluetooth and Mobile Voice and Data Communications (FMC)
  • How to secure a wireless network

This webinar is presented by Jay Ferron

You can register Here

 

 

CISA Urges Organizations to Implement Immediate Cybersecurity Measures to Protect Against Potential Threats

 In response to recent malicious cyber incidents in Ukraine—including the
defacement of government websites and the presence of potentially destructive
malware on Ukrainian systems—CISA has published CISA Insights: Implement
Cybersecurity Measures Now to Protect Against Potential Critical Threats. The
CISA Insights strongly urges leaders and network
defenders to be on alert for malicious cyber activity and provides a checklist
of concrete actions that every organization—regardless of sector or size—can
take immediately to: 

  • Reduce the likelihood of a damaging cyber
    intrusion, 
  • Detect a potential intrusion, 
  • Ensure the organization is prepared to respond if an
    intrusion occurs, and 
  • Maximize the organization’s resilience to a destructive
    cyber incident.

CISA urges senior leaders and network defenders to review the CISA Insights
and implement the cybersecurity measures on the checklist.

Zoho Releases Security Advisory for ManageEngine Desktop Central and Desktop Central MSP

 Zoho has released a security advisory to address an authentication bypass
vulnerability (CVE-2021-44757) in ManageEngine Desktop Central and Desktop
Central MSP. An attacker could exploit this vulnerability to take control of an
affected system.

CISA encourages users and administrators to review the Zoho Vulnerability
Notification and the Zoho ManageEngine Desktop Central and ManageEngine Desktop
Central MSP security advisories and apply the recommended
mitigations immediately.

NCCoE Releases Draft Project Description for IPv6 Transition

The National Cybersecurity Center of Excellence (NCCoE) has
released a new draft project description, Secure IPv6-Only Implementation in the Enterprise.
Publication of this project description begins a process to further identify
project requirements, scope, and hardware and software components for use in a
laboratory demonstration environment.

We want your feedback on this draft to help refine the project.
The comment period is now open and will close on January 27, 2022.

The project will address operational, security, and privacy issues
associated with the evolution to IPv6-only network infrastructures. It will
demonstrate tools and methods for securely implementing IPv6, whether as a
“greenfield” implementation or as a transition from an IPv4 infrastructure to
an IPv6-only network. This project will result in practice guides to encourage
the secure transition to IPv6-only enterprise IT environments.

We Want to Hear from You!

Review the project description and submit comments online on or before January 27, 2022. You
can also help shape and contribute to this project by joining the NCCoE’s IPv6
Transition Community of Interest. Send an email to ipv6-transition@nist.gov detailing your
interest.

We value and welcome your input and look forward to your comments.

Blockchain for Access Control Systems: Draft NISTIR 8403 Available for Comment

 

NIST has released NIST Internal Report (NISTIR) 8403, Blockchain for Access
Control Systems, for public comment.

Protecting system resources against unauthorized access is the
primary objective of an access control system. As information systems rapidly
evolve, the need for advanced access control mechanisms that support
decentralization, scalability, and trust – all major challenges for traditional
mechanisms – has grown.

Blockchain technology offers high confidence and tamper resistance
implemented in a distributed fashion without a central authority, which means
that it can be a trustable alternative for enforcing access control policies.
This document presents analyses of blockchain access control systems from the
perspectives of properties, components, architectures, and model supports, as
well as discussions on considerations for implementation.

The public comment period is open through February 7, 2022. See the publication
details for a copy of the draft and instructions for submitting comments.



Comment Period Closing Soon: NIST SP 1800-34, Validating the Integrity of Computing Devices

 

Public comments will close on January 17 for Volume C of NIST SP 1800-34, Validating the Integrity of Computing Devices

The National Institute of Standards and Technology’s National
Cybersecurity Center of Excellence (NCCoE) has published the preliminary draft
Volume C of NIST SP 1800-34, Validating the Integrity of Computing Devices for
public comment. This is a reminder that the public comment period will close on
January 17, 2022. You can submit comments online or via email to
supplychain-nccoe@nist.gov.

Volume C includes specific product installation, configuration,
and integration instructions for building the example implementation, allowing
you to replicate all or parts of this project. Help the NCCoE make this guide
better by sharing your thoughts with us. If your organization prototypes this
solution, please share your experience with our team. You can also stay up to
date on the progress of this project by sending an e-mail to supplychain-nccoe@nist.gov to join our Supply
Chain Assurance’s Community of Interest.