CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access. [CISA Cybersecurity Alerts]

CyberWire Daily

N2K Networks, Inc.

Technology, Daily News, News, Tech News

4.8 • 1.1K Ratings

🗓️ 17 May 2022

⏱️ 3 minutes

🔗️ Recording | iTunes | RSS

🧾️ Download transcript

Summary

This joint cybersecurity advisory was coauthored by the cybersecurity authorities of the US, Canada, New Zealand, the Netherlands, and the UK. Cyber actors routinely exploit poor security configurations, weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joint Cybersecurity Advisory identifies commonly exploited controls and practices, and includes best practices to mitigate these risks. AA22-137A Alert, Technical Details, and Mitigations White House Executive Order on Improving the Nation’s Cybersecurity NCSC-NL Factsheet: Prepare for Zero Trust NCSC-NL Guide to Cyber Security Measures N-able Blog: Intrusion Detection System (IDS): Signature vs. Anomaly-Based NCSC-NL Guide to Cyber Security Measures National Institute of Standards and Technology SP 800-123 – Keeping Servers Secured NCSC-UK Guidance – Phishing Attacks: Defending Your Organisation Open Web Application Security Project (OWASP) Proactive Controls: Enforce Access Controls All organizations should report incidents and anomalous activity to CISA’s 24/7 Operations Center at central@cisa.dhs.gov or (888) 282-0870 and to the FBI via your local FBI field office or the FBI’s 24/7 CyWatch at (855) 292-3937 or CyWatch@fbi.gov. Learn more about your ad choices. Visit megaphone.fm/adchoices

Transcript

Click on a timestamp to play from that location

0:00.0	You're listening to the CyberWire Network, powered by N2K.
0:07.0	This is a CISA Cybersecurity Alert.
0:16.0	ID number Alpha Alpha 22 TAC 137 Alpha.
0:20.0	Original release date, March 17, 2022.
0:25.0	This joint Cybersecurity Advisory was co-authored by the Cybersecurity Authorities
0:32.0	of the U.S. Canada, New Zealand, the Netherlands, and the UK.
0:37.3	Cyber actors routinely exploit poor security configurations, weak controls, and other poor cyber hygiene practices to gain initial access as a part of other tactics to compromise a victim's system.
0:49.0	This joint cybersecurity advisory identifies commonly exploited controls and practices and
0:55.2	includes best practices to mitigate these risks.
0:58.8	The alert documentation defines 10 major exploitation vectors regularly used by malicious cyber actors.
1:05.0	In order to mitigate these vectors, CISA outlines and provides resources for 18 security controls under 7 control categories.
1:14.0	CISA recommends organizations re-evaluate their security posture and implement additional controls under the categories of
1:21.0	Control access, implement credential hardening,
1:25.0	establish centralized log management,
1:28.0	employ antivirus programs,
1:30.0	employee detection tools and search for vulnerabilities, maintain rigorous
1:34.8	configuration management programs, and initiate a software and patch management
1:39.3	program.
1:40.3	Implementing the 18 security best practices under these critical control categories can help
1:45.8	organizations strengthen their network defenses against commonly exploited and weak security
1:50.1	controls.
1:51.6	The alert documentation and resources linked in the show notes provide
	...

Please login to see the full transcript.

Previous episode | Next episode

Disclaimer: The podcast and artwork embedded on this page are from N2K Networks, Inc., and are the property of its owner and not affiliated with or endorsed by Tapesearch.

Generated transcripts are the property of N2K Networks, Inc. and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.