
CIS Control 12: Network Infrastructure Management

Networks form a critical core for our modern-day society and businesses. These networks comprise many types of components that make up the network infrastructure. Network infrastructure devices can be physical or virtual and include things such as routers, switches, firewalls, and wireless access points. Unfortunately, many devices are shipped from manufacturers with “default” configuration settings and passwords that, if deployed as-is, can significantly weaken an organization’s network infrastructure. Even if network devices are hardened with non-default configurations and strong passwords, over time these devices will be affected by new vulnerabilities that security researchers discover.

Key Takeaways for Control 12

Enterprises should ensure the teams implementing and operating the network infrastructure have processes and procedures in place that include capabilities for having a secure network infrastructure. These processes and procedures include, but are not limited to:

  1. developing a network security architecture,
  2. implementing a continuous security improvement process,
  3. creating and evolving a network security maturity model,
  4. developing and maintaining network architecture diagrams and documentation,
  5. ensuring no default settings or passwords for network devices, and
  6. implementing a patch and vulnerability management program for network infrastructure devices.

Control 12 is designed to help organizations enable and maintain more secure network infrastructure.

Safeguards for Control 12

1:   Ensure Network Infrastructure is Up-to-Date

Description: Ensure network infrastructure is kept up-to-date. Example implementations include running the latest stable release of software and/or using currently supported network-as-a-service (NaaS) offerings. Review software versions monthly, or more frequently, to verify software support.

Notes: The security function associated with this safeguard is Protect.

2:   Establish and Maintain a Secure Network Architecture

Description: Establish and maintain a secure network architecture. A secure network architecture must address segmentation, least privilege, and availability, at a minimum.

Notes: The security function associated with this safeguard is Protect.

3:   Securely Manage Network Infrastructure

Description: Securely manage network infrastructure. Example implementations include version-controlled infrastructure-as-code and the use of secure network protocols, such as SSH and HTTPS.

Notes: The security function associated with this safeguard is Protect.

4:   Establish and Maintain Architecture Diagrams

Description: Establish and maintain architecture diagram(s) and/or other network system documentation. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.

Notes: The security function associated with this safeguard is Identify.

5:   Centralize Network Authentication, Authorization, and Auditing (AAA)

Description: Centralize network AAA.

Notes: The security function associated with this safeguard is Protect.

6:   Use of Secure Network Management and Communication Protocols

Description: Use secure network management and communication protocols (e.g., 802.1X, Wi-Fi Protected Access 2 (WPA2) Enterprise or greater).

Notes: The security function associated with this safeguard is Protect.

7:   Ensure Remote Devices Utilize a VPN and are Connecting to an Enterprise’s AAA Infrastructure

Description: Require users to authenticate to enterprise-managed VPN and authentication services prior to accessing enterprise resources on end-user devices.

Notes: The security function associated with this safeguard is Protect.

8:   Establish and Maintain Dedicated Computing Resources for all Administrative Work

Description: Establish and maintain dedicated computing resources, either physically or logically separated, for all administrative tasks or tasks requiring administrative access. The computing resources should be segmented from the enterprise’s primary network and not be allowed internet access.

Notes: The security function associated with this safeguard is Protect.
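
An added example (not from the original article or from CIS): a small Python audit that checks an IOS-style device configuration against Safeguards 3 and 5 and Key Takeaway item 5 above. The sample configuration is constructed, and the rule patterns are illustrative assumptions rather than a complete benchmark.

```python
import re

# Constructed IOS-style running-config fragment (sample input, not a real device).
SAMPLE_CONFIG = """\
hostname edge-sw-01
ip http server
no ip http secure-server
snmp-server community public RO
username admin password 0 admin
line vty 0 4
 transport input telnet ssh
"""

# (item on this page, pattern, finding). Illustrative rules, not exhaustive.
RULES = [
    ("3", re.compile(r"^\s*transport input\b.*\b(telnet|all)\b", re.M),
     "Telnet allowed on VTY lines; restrict remote access to SSH"),
    ("3", re.compile(r"^ip http server\b", re.M),
     "Plain-HTTP management enabled; use HTTPS only"),
    ("takeaway 5", re.compile(r"^snmp-server community (public|private)\b", re.M),
     "Default SNMP community string in use"),
    ("takeaway 5", re.compile(r"^username (\S+) (?:password|secret) 0 \1\s*$", re.M),
     "Local account whose cleartext password equals its username"),
]

def audit(config: str) -> list[tuple[str, str]]:
    """Return (item, finding) pairs for every rule the config violates."""
    findings = [(item, msg) for item, pat, msg in RULES if pat.search(config)]
    # Safeguard 5 is an absence check: without 'aaa new-model' the device
    # cannot be pointed at a central AAA service at all.
    if not re.search(r"^aaa new-model\b", config, re.M):
        findings.append(("5", "AAA not enabled; prerequisite for centralized AAA"))
    return findings

if __name__ == "__main__":
    for item, finding in audit(SAMPLE_CONFIG):
        print(f"[{item}] {finding}")
```

Run against configuration files kept in version control, a check like this turns the monthly review described in Safeguard 1 into a repeatable diff of findings per device.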

See how simple and effective security controls can create a framework that helps you protect your organization and data from known cyber-attack vectors by downloading this guide.

Read more about the 18 CIS Controls here:

CIS Control 1: Inventory and Control of Enterprise Assets

CIS Control 2: Inventory and Control of Software Assets

CIS Control 3: Data Protection

CIS Control 4: Secure Configuration of Enterprise Assets and Software

CIS Control 5: Account Management

CIS Control 6: Access Control Management

CIS Control 7: Continuous Vulnerability Management

CIS Control 8: Audit Log Management

CIS Control 9: Email and Web Browser Protections

CIS Control 10: Malware Defenses

CIS Control 11: Data Recovery

CIS Control 12: Network Infrastructure Management

Posted on 2021-11-24. Author: Blog. Categories: Fity Feeds.
