Exploit a #zeroday then self-patch the #vulnerability so other hackers can't use the same exploit? AND you maintain #persistence while hiding in plain sight for longer? Damn - that's really fuckin clever.

https://www.darkreading.com/cyber-risk/initial-access-broker-self-patches-zero-days

#CyberWarfare #Hacking #ThreatAssessment #BeCyberSafe #StayCyberAware #F5

Just attended a briefing yesterday about this specific topic #ScatteredSpider:
https://www.darkreading.com/cyberattacks-data-breaches/scattered-spider-hacking-spree-airline-sector

"Palo Alto Networks urged organizations in the sector to be 'on high alert for sophisticated and targeted social engineering attacks and suspicious MFA reset requests,' citing evidence of similar attacks."

#Airline #CyberFraud #ThreatAssessment #SocialEngineering #CyberWarfare #BeCyberSafe #StayCyberAware #CriticalInfrastructure

All #sysadmins should review this article and the #CVE reports. Ensure ALL of your #domaincontrollers (at a minimum) and #WindowsServers are fully patched to prevent this vulnerability from being exploited. No one wants an #LDAP #DoS situation. What a nightmare that would be.

#StayCyberAware #BeCyberSafe

https://www.darkreading.com/vulnerabilities-threats/active-directory-flaw-can-crash-any-microsoft-server-connected-to-the-internet

Active Directory Flaw Can Crash Any Microsoft Server

Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.

Never heard of #Honey personally, but this #scam is very real. I am skeptical of any coupon sites generally, because they have NEVER worked for me in the past (before they were doing quasi-criminal activity). Also, NEVER install a browser extension unless you are 100% sure of its legitimacy AND how it works.

#Honey is actively stealing from affiliates, which, while not illegal, is highly unethical and simply not fair.

If you don't know about this scam, I recommend you watch this video so you understand how it works (clearnet): https://youtu.be/vc4yL3YTwWk?feature=shared

#BeCyberSafe #StayCyberAware

Exposing the Honey Influencer Scam

So what kind of policy framework do I have at my org? Goal is AAL2 per NIST 800-63B. Keep in mind, at least for the next decade or so still, passwords are not going anywhere - they are the last line of authentication while the world transitions to #passwordless.

- Encrypt everything, everywhere, all the time
- VPN tunnels everywhere
- PW policy that enforces a minimum of 13 complex characters for passwords (passphrases are evangelized heavily) + mandatory MFA via an Authenticator app + 365-day rotation policy (unless someone phishes their credential or it comes up on a #darkweb monitor) + 30-day token expiration - we do have filtering to prevent anyone reusing old passwords or common passwords (no, I don't pay for it, you can integrate with AD directly with some clever #powershell, #jfgi).
- For our admin accounts, we require #passphrases of at least 4 words (7 are recommended), using the diceware method (physical, not a website). PW rotation occurs every 180 days. Tokens expire every 24 hours.
- Service accounts (where we cannot use auto-cycling API tokens) require a minimum 24-character very complex password or 4-word passphrase, as MFA is required to be disabled. PW rotation occurs every 180 days.
- Awareness training every quarter for high-risk/high-exposure employees, annually for the rest of the company. I update my presentation facts, data, and reported metrics frequently based on OSINT, SIGINT, HUMINT, research, and constant education.

#BeCyberSafe #StayCyberAware
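To make the policy rules above concrete, here is an added Python illustration (not the poster's AD tooling or PowerShell, and not part of the original post) that encodes the stated thresholds as checks: 13+ complex characters for users, a 4-word passphrase for admins, 24+ very complex characters or a 4-word passphrase for service accounts, a common-password deny list, and a salted-hash password history so old passwords are never stored in clear. The deny list and salt are constructed sample values; the diceware roll is a software stand-in for the physical dice the post prefers, producing only the 5-digit lookup keys. The entropy helpers show why 4 diceware words (about 51.7 bits) are a reasonable floor and 7 words (about 90.5 bits) a comfortable recommendation.

```python
"""Password-policy checks mirroring the rules in the post (AAL2 target).
Added illustration, not the poster's actual tooling or AD integration."""
import hashlib
import math
import secrets
import string

# Policy values taken from the post
USER_MIN_LEN = 13             # user accounts: 13+ complex characters
PASSPHRASE_MIN_WORDS = 4      # admin passphrases: at least 4 diceware words
PASSPHRASE_RECOMMENDED_WORDS = 7
SERVICE_MIN_LEN = 24          # service accounts: 24+ very complex chars (or 4-word passphrase)
DICEWARE_LIST_SIZE = 6 ** 5   # 7776 words; each word is one roll of five dice

# Constructed deny list standing in for a breach-corpus / common-password feed
COMMON_PASSWORDS = {"password", "password123", "welcome1", "letmein", "summer2025!"}


def _classes(pw):
    """Count the character classes present: lower, upper, digit, symbol."""
    checks = (str.islower, str.isupper, str.isdigit, lambda c: c in string.punctuation)
    return sum(any(f(c) for c in pw) for f in checks)


def history_hash(pw, salt):
    """Slow, salted hash for a password-history store (never keep old passwords in clear)."""
    return hashlib.pbkdf2_hmac("sha256", pw.encode(), salt, 100_000).hex()


def check_user_password(pw, history, salt):
    """Return (ok, problems) for a standard user password against the post's policy."""
    problems = []
    if len(pw) < USER_MIN_LEN:
        problems.append(f"shorter than {USER_MIN_LEN} characters")
    if _classes(pw) < 3:
        problems.append("needs at least 3 of: lower, upper, digit, symbol")
    if pw.lower() in COMMON_PASSWORDS:
        problems.append("appears on the common-password deny list")
    if history_hash(pw, salt) in history:
        problems.append("reuses a previous password")
    return (not problems, problems)


def check_passphrase(phrase, min_words=PASSPHRASE_MIN_WORDS):
    """Admin rule: at least 4 whitespace-separated diceware words."""
    words = phrase.split()
    if len(words) < min_words:
        return (False, [f"needs at least {min_words} words, has {len(words)}"])
    return (True, [])


def check_service_password(pw):
    """Service accounts run without MFA, so the secret alone must carry the strength:
    either 24+ characters using all four classes, or a 4-word passphrase."""
    if len(pw) >= SERVICE_MIN_LEN and _classes(pw) == 4:
        return (True, [])
    if check_passphrase(pw)[0]:
        return (True, [])
    return (False, [f"needs {SERVICE_MIN_LEN}+ chars with all 4 classes, "
                    f"or a {PASSPHRASE_MIN_WORDS}-word passphrase"])


def diceware_entropy_bits(words):
    """Entropy of a passphrase drawn uniformly from the 7776-word list."""
    return words * math.log2(DICEWARE_LIST_SIZE)


def charset_entropy_bits(length, charset_size=94):
    """Entropy of a uniformly random string over a charset (94 = printable ASCII minus space)."""
    return length * math.log2(charset_size)


def roll_diceware_keys(words):
    """Software stand-in for physical dice: one 5-digit word-list lookup key per word."""
    return ["".join(str(secrets.randbelow(6) + 1) for _ in range(5)) for _ in range(words)]


if __name__ == "__main__":
    salt = secrets.token_bytes(16)                       # per-user salt for the history store
    hist = {history_hash("OldPassw0rd!xyz", salt)}       # constructed previous password
    print(check_user_password("OldPassw0rd!xyz", hist, salt))
    print(check_user_password("password123", set(), salt))
    print(check_passphrase("correct horse battery staple"))
    print(check_service_password("Sh0rt!"))
    print(f"4 diceware words ~{diceware_entropy_bits(4):.1f} bits, "
          f"7 words ~{diceware_entropy_bits(7):.1f} bits, "
          f"13 random chars ~{charset_entropy_bits(13):.1f} bits")
    print("dice keys:", roll_diceware_keys(PASSPHRASE_MIN_WORDS))
```

The history check compares hashes rather than plaintext, which is how a reuse filter should be wired up: the store only ever holds salted slow hashes of retired passwords. The entropy figures assume words are chosen uniformly (real dice, not a person picking "memorable" ones), which is exactly why the post insists on physical dice.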

Let's talk about #CyberHygiene:
You have to develop a certain level of "Spidey sense", and it can be as simple as realizing that you need a second opinion before clicking a link. You don't have to be a subject matter expert; you just have to know enough to recognize when you should ask someone else. #StopAndThink

People sometimes have the mistaken notion that they aren't targets for bad actors because they aren't famous and don't have a high net worth. But that's simply not the case today. Anyone with any online presence is a potential target to attackers. That means everyone needs to know their #cyberhygiene.

Basic cyber hygiene is essential and easy. Steps include:

- Be more stringent about the info you share online
- Review and adjust privacy settings
- Use strong and unique passwords (I recommend using diceware passphrases)
- Enable two-factor authentication
- Monitor online presence
- Learn about data brokers
- Secure all devices
- Be skeptical of unsolicited requests
- Regularly audit third-party apps
- Monitor credit reports
- Separate personal and professional identities

With #CyberSecurity, a little can go a long way to protecting yourself, your family/friends, and even your employer. Again, you don't need to be an expert, you just need to slow down and think. Be a human lol. And in the #CyberWorld, trust nothing, question everything.

#BeCyberSafe #StayCyberAware