Cybersecurity

Unit 42, which describes itself as “the global threat intelligence team” at Palo Alto Networks, has released 11 new “Adversary Playbooks” that present the tools, techniques, and procedures (TTPs) used by cyber threat actors. The addition of the newest Playbooks nearly doubles the number in Unit 42’s collection, which now stands at 21.

The Center for Internet Security (CIS) reminds partners to properly dispose of old or unused data and devices in its July 2019 newsletter. Without careful management of online accounts, cloud storage, physical storage, and electronic devices, users could inadvertently disclose sensitive information that can be exploited by cyber criminals. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), a WaterISAC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities.

Analysis performed of domains used by Fortune 500 companies, U.S. government agencies, and other major organizations reveal nearly 80 percent don’t use DMARC, or Domain-based Message Authentication, Reporting & Conformance. It is a protocol that works on top of email servers that already support the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM). It lets email server administrators put policies in place that can detect when an incoming email is lying about its real "From:" address.

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of vulnerabilities affecting multiple Virtual Private Network (VPN) applications. A remote attacker could exploit these vulnerabilities to take control of an affected system. CISA encourages administrators to review the following security advisories and apply the necessary updates.