Daniel Kuhl ✌🏻☮️☕️Hard week so far. 😓 Fighting with a firewall access rule conversion from Cisco to Check Point. The data is stored in a SQL database from which Cisco access rules are generated. Got the appropriate data now in a CSV file per firewall context (virtual firewall). Now the very hard work will start to convert into Check Point Management API usable data with Python.
Nice article! Can‘t agree more on all of them amd seen many of them in the wild:
📄 Default configurations of software and applications
⛔️ Improper separation of user/administrator privilege
🔎 Insufficient internal network monitoring
⚠️ Lack of network segmentation
🔄 Poor patch management
🔀 Bypass of system access controls
📱 Weak or misconfigured MFA methods
🎣 Lack of phishing-resistant MFA
🚫 Insufficient access control lists on network shares and services
🧼 Poor credential hygiene
👨🏼💻 Unrestricted Code Execution
#cybersecurity #NetworkAccessControl #patchmanagement #PrincipleOfLeastPriviledge #mfa #phishing #networksegmentation #networkmonitoring #hardening #codeexecution
OPSEC Cybersecurity News LiveDoes my ISP sees that I am using someone else's PPPoE username/password?
https://security.stackexchange.com/questions/268489/does-my-isp-sees-that-i-am-using-someone-elses-pppoe-username-password
#networkaccesscontrol #networkscanners #internet #network #isp
https://security.stackexchange.com/questions/268489/does-my-isp-sees-that-i-am-using-someone-elses-pppoe-username-password
#networkaccesscontrol #networkscanners #internet #network #isp
ITSEC NewsPreventing Criminals from Using Cloud Applications to Inject Chaos Into Work Environments - In 2020, cyber criminals used cloud applications, the cover of a pandemic, and a ... http://feedproxy.google.com/~r/securityweekly/XBIC/~3/GpcS5VyJS20/ #networkaccesscontrol #applicationsecurity #threatintelligence #identityandaccess #cloudsecurity #emailsecurity #datasecurity #remoteaccess #articles #ddos
Preventing Criminals from Using Cloud Applications to Inject Chaos Into Work Environments - Security Weekly
In 2020, cyber criminals used cloud applications, the cover of a pandemic, and a newly embraced work-from-home culture to serve up ransomware, steal data, and disrupt how companies do business. The year is over, but the challenges and risks remain. How do we prevent these criminals from injecting chaos into our hybrid work environments? As […]
heise online (inoffiziell)Eine Marktstudie zeigt: Viele mittelständische Unternehmen sind weitgehend wehrlos gegenüber Angriffen auf ihr Netz.
Netzwerksicherheit? Fehlanzeige!
Netzwerksicherheit? Fehlanzeige!
Path To Threat Hunting Through Great Network Data – Brian Dye – ESW #155 - Path To Threat Hunting Through Great Network Data
The post Path To Threat Hunting Through Great Netw... more: http://feedproxy.google.com/~r/securityweekly/XBIC/~3/Zy_-egsQz8M/ #enterprisesecurityweekly #networkaccesscontrol #networksecurity #vulnerabilities #ethicalhacking #threathunting #accesscontrol #ethicalhacker #threathunting #mattalderman #interview #briandye #exploits #hacking #jeffman #threats #nac
The post Path To Threat Hunting Through Great Netw... more: http://feedproxy.google.com/~r/securityweekly/XBIC/~3/Zy_-egsQz8M/ #enterprisesecurityweekly #networkaccesscontrol #networksecurity #vulnerabilities #ethicalhacking #threathunting #accesscontrol #ethicalhacker #threathunting #mattalderman #interview #briandye #exploits #hacking #jeffman #threats #nac