Identify, remediate, and limit data risks at Security Virtual Training Day: Protect Data and Mitigate Risk from Microsoft Learn. At this free event, you’ll learn how to secure data and reduce risks with Microsoft Purview Information Protection and risk management solutions. You’ll also explore how to manage data protection policies across your organization to help protect people and data against cyberthreats.
You will have the opportunity to:
- Manage and monitor data in new, comprehensive ways to help prevent data loss with Microsoft Purview.
- Identify privacy risks and help protect personal data using Microsoft Priva.
- Discover sensitive data and respond to inquiries efficiently with Microsoft Purview.
Join us at an upcoming two-part event:
- November 6, 2023 | 12:00 PM – 2:45 PM | (GMT-05:00) Eastern Time (US & Canada)
- November 7, 2023 | 12:00 PM – 2:30 PM | (GMT-05:00) Eastern Time (US & Canada)
Delivery Language: English
Closed Captioning Language(s): English
Author: blogmirnet
Microsoft Security Virtual Training Day: Security, Compliance and Identity Fundamentals
Grow your skills at Security Virtual Training Day: Security, Compliance, and Identity Fundamentals from Microsoft Learn. At this free, introductory event, you’ll gain the security skills and training you need to create impact and take advantage of opportunities to move your career forward. You’ll explore the basics of security, compliance, and identity, including best practices to help protect people and data against cyberthreats for greater peace of mind. You’ll also learn more about identity and access management while exploring compliance management fundamentals.
You will have the opportunity to:
- Learn the fundamentals of security, compliance, and identity.
- Understand the concepts and capabilities of Microsoft identity and access management solutions, as well as compliance management capabilities.
- Gain the skills and knowledge to jumpstart your preparation for the certification exam.
Join us at an upcoming two-part event:
- November 8, 2023 | 12:00 PM – 3:45 PM | (GMT-05:00) Eastern Time (US & Canada)
- November 9, 2023 | 12:00 PM – 2:15 PM | (GMT-05:00) Eastern Time (US & Canada)
Delivery Language: English
Closed Captioning Language(s): English
Beware of Scammers Impersonating Charities to Solicit Donations
Cybercriminals often exploit the compassion and generosity of the public by conducting fraudulent schemes in the aftermath of events, such as the recent attacks on Israel that began on October 7. Individuals seeking to donate to relief efforts are targeted in charity scams initiated by threat actors using social engineering tactics through emails, SMS text messaging, phone calls, and direct messages via social media. They often create a sense of urgency and may impersonate reputable organizations. For example, phishing emails may contain display name spoofing to appear as a known or trusted charity and attempt to convince the potential donor to open an attachment or click a link directing them to a cloned or spoofed website impersonating the legitimate charity with the intent to steal sensitive information, user credentials, or relief funds.
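Display-name spoofing of the kind described above is detectable at a mail gateway or in a SIEM because the friendly name and the actual sending address arrive together in the same From: header. The following Python script is an added example and is not part of the original notice; it assumes a hypothetical allow-list (`TRUSTED_CHARITIES`) mapping a charity's name to the domains it legitimately sends from, and it scans constructed sample headers for two patterns: a trusted charity's name placed over an unrelated domain, and an email address planted in the display name that differs from the real sender.

```python
import re
from email.header import decode_header, make_header
from email.utils import parseaddr

# Constructed allow-list (hypothetical values): a keyword that a legitimate
# charity's display name contains, mapped to the domains that charity really
# sends from. A production deployment would load this from a vetted source.
TRUSTED_CHARITIES = {
    "red cross": {"redcross.org"},
    "relief fund": {"relief-fund.example"},
}


def parse_from_header(raw_from):
    """Split a raw From: header value into (display_name, address, domain)."""
    display, addr = parseaddr(raw_from)
    # Decode RFC 2047 encoded-words (=?utf-8?q?...?=) so that an encoded
    # lookalike display name is compared in its decoded form.
    display = str(make_header(decode_header(display)))
    addr = addr.lower()
    domain = addr.rsplit("@", 1)[1] if "@" in addr else ""
    return display, addr, domain


def classify_from_header(raw_from):
    """Return a verdict string for one From: header value."""
    display, addr, domain = parse_from_header(raw_from)
    name = " ".join(display.lower().split())

    # Pattern 1: the display name carries its own email address, which does
    # not match the address the message actually comes from.
    embedded = re.search(r"[\w.+-]+@[\w.-]+\.\w+", name)
    if embedded and embedded.group(0) != addr:
        return "embedded-address-mismatch"

    # Pattern 2: the display name claims a trusted charity, but the sending
    # domain is not one of that charity's known domains.
    for keyword, domains in TRUSTED_CHARITIES.items():
        if keyword in name:
            return "ok" if domain in domains else "display-name-spoof"

    return "unclassified"


# Constructed sample headers, not taken from any real message.
SAMPLE_HEADERS = [
    "Red Cross Emergency Appeal <donate@redcross.org>",
    "Red Cross Emergency Appeal <appeal@redcross-relief-now.example>",
    '"donate@redcross.org" <mailer@bulk-sender.example>',
    "=?utf-8?q?Red_Cross_Relief?= <help@mail.example>",
    "Alice Example <alice@example.com>",
]


def scan_headers(headers=SAMPLE_HEADERS):
    """Classify every header and return {header: verdict}."""
    return {h: classify_from_header(h) for h in headers}


if __name__ == "__main__":
    for header, verdict in scan_headers().items():
        print(f"{verdict:28} {header}")
```

The keyword match is deliberately broad (a lookalike domain such as `redcross-relief-now.example` is flagged because it is simply not on the allow-list), so the verdicts are meant to feed a quarantine or review queue rather than to block outright; DMARC alignment checks on the sending domain remain the primary control this heuristic complements.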
Although many legitimate organizations call to solicit donations, potential donors are advised to take the time before donating to research the name of the charity properly, understand who they are and their cause, and where the funds are directed. Also, search the name of the charity to determine if there are any bad reviews, complaints, scams, or fraud associated with the charity. Credit card payments offer more consumer protections and are easier to track than payments by gift card, wire transfer, cash, or cryptocurrency. Additionally, donations are not recommended through payment apps, such as Venmo, CashApp, or Zelle, as funds through these apps should only be sent to known and familiar individuals such as family and friends.
Fraudulent charities or fundraising efforts may also be created to aid terrorist organizations. Traditional fiat currency is typically used for fraudulent fundraising and terrorist financing activity. However, Hamas is one of the first terrorist organizations to use cryptocurrency for fundraising efforts, and authorities recently froze cryptocurrency accounts used by Hamas to solicit donations for their operations.
CISA and NSA Release New Guidance on Identity and Access Management
CISA and the National Security Agency (NSA) published Identity and Access Management: Developer and Vendor Challenges, authored by the Enduring Security Framework (ESF), a CISA- and NSA-led working panel that includes a public-private cross-sector partnership. ESF aims to address risks that threaten critical infrastructure and national security systems.
This publication, which follows ESF’s Identity and Access Management Recommended Best Practices Guide for Administrators, assesses and addresses challenges developers and technology manufacturers face in identity and access management (IAM). The guidance specifically addresses technology gaps that limit the adoption and secure employment of multifactor authentication (MFA) and single sign-on (SSO) technologies within organizations.
Although the publication primarily addresses challenges facing large organizations, it also provides recommendations applicable to smaller organizations. CISA encourages cybersecurity defenders to review this guidance and to speak to their software vendors about implementing its recommendations.
NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations
Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which describes the most common cybersecurity misconfigurations in large organizations and details the tactics, techniques, and procedures (TTPs) actors use to exploit them.
The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and highlight the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders. Read the Executive Assistant Director at CISA’s blog post on the “Urgency for Software Manufacturers to Incorporate Secure by Design Principles.”
Additionally, NSA and CISA encourage organizations to review the joint CSA for recommended steps and best practices to reduce the risk of malicious actors exploiting the identified misconfigurations. For more information on secure-by-design principles, visit Secure by Design and Security-by-Design and -Default.
CISA, FBI, NSA, and Treasury Release Guidance on OSS in IT/ICS Environments
Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software (OSS) in operational technology (OT) and industrial control systems (ICS). In alignment with CISA’s recently released Open Source Security Roadmap, the guidance provides recommendations to OT/ICS organizations on:
- Supporting OSS development and maintenance,
- Managing and patching vulnerabilities in OT/ICS environments, and
- Using the Cross-Sector Cybersecurity Performance Goals (CPGs) as a common framework for adopting key cybersecurity best practices in relation to OSS.
Alongside the guidance, CISA published the Securing OSS in OT web page, which details the Joint Cyber Defense Collaborative (JCDC) OSS planning initiative, a priority within the JCDC 2023 Planning Agenda. The initiative will support collaboration between the public and private sectors—including the OSS community—to better understand and secure OSS use in OT/ICS, which will strengthen defense against OT/ICS cyber threats. CISA encourages OT/ICS organizations to review this guidance and implement its recommendations.
Two or More Ransomware Variants Impacting the Same Victims and Data Destruction Trends
This FBI Private Industry Notification (PIN) is provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals.
The FBI is releasing this PIN to highlight emerging ransomware trends and encourage organizations to implement the recommendations in the mitigations section to reduce the likelihood and impact of ransomware incidents.
As of July 2023, the FBI noted two trends emerging across the ransomware environment and is releasing this notification for industry awareness. These new trends include multiple ransomware attacks on the same victim in close date proximity and new data destruction tactics in ransomware attacks.
This FBI PIN provides an overview of the threat and mitigation recommendations, and is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals.
Guide to Operational Technology (OT) Security: NIST Publishes SP 800-82, Revision 3
NIST has published Special Publication (SP) 800-82r3 (Revision 3), Guide to Operational Technology (OT) Security, which provides guidance on how to improve the security of OT systems while addressing their unique performance, reliability, and safety requirements.
OT encompasses a broad range of programmable systems and devices that interact with the physical environment (or manage devices that interact with the physical environment). These systems and devices detect or cause a direct change through the monitoring and/or control of devices, processes, and events. Examples include industrial control systems (ICS), building automation systems, transportation systems, physical access control systems, physical environment monitoring systems, and physical environment measurement systems.
SP 800-82r3 provides an overview of OT and typical system topologies, identifies typical threats to organizational mission and business functions supported by OT, describes typical vulnerabilities in OT, and provides recommended security safeguards and countermeasures to manage the associated risks.
Updates in this revision also include:
- Expansion in scope from ICS to OT
- Updates to OT threats and vulnerabilities
- Updates to OT risk management, recommended practices, and architectures
- Updates to current activities in OT security
- Updates to security capabilities and tools for OT
- Additional alignment with other OT security standards and guidelines, including the Cybersecurity Framework (CSF)
- New tailoring guidance for SP 800-53r5 security controls, including an OT overlay that provides tailored security control baselines for low-impact, moderate-impact, and high-impact OT systems
In addition to SP 800-82r3, a collection of NIST resources for OT cybersecurity can be found at the Operational Technology Security website.
Dirt Cheap CISSP bootcamp!
Register for our dirt cheap 5-day bootcamp to prepare yourself for the CISSP exam. This bootcamp is only available to ISC2 New Jersey Chapter members.
Dates: October 21st, October 28th, November 4th, November 11th, and November 18th, 2023
Time: 9 a.m. – 5 p.m.
Location: Virtual
The course textbook is not included, but it is less than $100. Register here.
NY Metro Joint Cyber Security Conference
Registration is now open for the 2023 NY Metro Joint Cyber Security Conference and Workshop!
Date: October 19th and 20th, 2023
Time: 8:30 a.m. – 5:30 p.m.
Location: Microsoft, 11 Times Sq. NYC (Workshops are virtual)
It will be held in person at Microsoft in Manhattan on October 19th and 20th, celebrating the conference’s 10th anniversary. It features a keynote by Lisa Plaggemier, Executive Director of the National Cybersecurity Alliance. For details, click here.
To register for this event, click here.
To learn more about becoming a sponsor for this event, click here.