@jackcole No need to go the roundabout way through a public charger when any old headlight is allowed to send a "key fob accepted" message to the locks & ECU. Seriously #Toyota engineers, what were you thinking?! Have you never heard of the #security #infosec principles of #LeastPrivilege, #SeparationOfDuties and only accepting messages from systems that SHOULD originate that class of messages?

There is of course no guarantee that it would have helped, but it would have slowed an attacker down.

@BenAveling that's not a hot take. It's #LeastPrivilege and #SeparationOfDuties. It's temporary #StepUpAuthentication and timeouts.
A particular user should only be able to do what they need to do for a particular job function, but only when they need to do it, and only for as long as it takes to do the thing.

Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities.

Learn how Zerobot works and how to defend devices and networks against it:

- Use Microsoft 365 Defender as security solutions with cross-domain visibility and detection capabilities

- Adopt a comprehensive IoT security solution such as Microsoft Defender for IoT, integrate it with XDR platform such as Microsoft Sentinel and Microsoft 365 Defender

- Harden endpoints with a comprehensive Windows security solution

- Ensure secure configurations for devices

- Use least privileges access

https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

#microsoft #windows #security #iot #MSTIC #azure #xdr #microsoft365defender #defenderforIoT #iot #sentinel #microsoftsentinel #siem #soar #cloud #cloudsecurity #Zerobot #ssh #leastprivilege #rat #ioc #threatintelligence #ti #tip #ddos #ZeroStresser #webapp #vulnerabilities #cve

Zerobot is a Go-based botnet that spreads primarily through IoT and web application vulnerabilities.

Learn how Zerobot works and how to defend devices and networks against it:

- Use Microsoft 365 Defender as security solutions with cross-domain visibility and detection capabilities

- Adopt a comprehensive IoT security solution such as Microsoft Defender for IoT, integrate it with XDR platform such as Microsoft Sentinel and Microsoft 365 Defender

- Harden endpoints with a comprehensive Windows security solution

- Ensure secure configurations for devices

- Use least privileges access

https://www.microsoft.com/en-us/security/blog/2022/12/21/microsoft-research-uncovers-new-zerobot-capabilities/

#microsoft #windows #security #iot #MSTIC #azure #xdr #microsoft365defender #defenderforIoT #iot #sentinel #microsoftsentinel #siem #soar #cloud #cloudsecurity #Zerobot #ssh #leastprivilege #rat #ioc #threatintelligence #ti #tip #ddos #ZeroStresser #webapp #vulnerabilities #cve

Thanks @girlgerms for linking to this epic list of #Azure Active Directory least privilege roles BY TASK.
Want to do this thing? You need this role to give you the min amount of required permissions.

https://learn.microsoft.com/azure/active-directory/roles/delegate-by-task?WT.mc_id=modinfra-0000-socuff

#security #ZeroTrust #identity #LeastPrivilege

The dangers of admin rights need no introduction. So why are many companies still giving them out like free candy?

𝘍𝘰𝘳 𝘰𝘱𝘦𝘳𝘢𝘵𝘪𝘰𝘯𝘢𝘭 𝘦𝘢𝘴𝘦 𝘢𝘯𝘥 𝘱𝘳𝘰𝘥𝘶𝘤𝘵𝘪𝘷𝘪𝘵𝘺?
𝘛𝘰 𝘢𝘷𝘰𝘪𝘥 𝘰𝘷𝘦𝘳𝘸𝘩𝘦𝘭𝘮𝘪𝘯𝘨 𝘵𝘩𝘦 𝘚𝘦𝘳𝘷𝘪𝘤𝘦 𝘋𝘦𝘴𝘬?
𝘉𝘦𝘤𝘢𝘶𝘴𝘦 𝘵𝘩𝘦𝘺'𝘷𝘦 𝘢𝘭𝘸𝘢𝘺𝘴 𝘥𝘰𝘯𝘦 𝘪𝘵 𝘵𝘩𝘢𝘵 𝘸𝘢𝘺?

It's likely one of these (if not a blend of all three). But with Endpoint Privilege Management, admin rights can be removed overnight, and flexible workstyle templates let you implement least privilege policies in a matter of days for everyone - even sysadmins.

Productivity doesn't take a hit.
The Service Desk won't be swamped.
Ransomware and insider threats are mitigated.

Find out more about achieving least privilege with BeyondTrust's Privileged Access Management solutions today.

https://lnkd.in/eFHkyxGA

#leastprivilege #adminrights #privilegedaccessmanagement #PAM #endpointsecurity #beyondtrust #endpointmanagement #cybersecurity #cyberthreats #ransomware #ransomwareprotection #productivity #servicedesk #insiderthreats

Introduction

Redoing my #introduction as it was a bit of a sparse one when I joined 2 weeks ago.

I am a lifelong #technology enthusiast, having worked in Financial Services IT for more than 25 years, across multiple disciplines including:
* #Unisys #MCP-based #mainframe platforms (A17/A19/HMP NX 6800/Libra 180/Libra 6xx/Libra 890)
* #EMC #Symmetrix storage arrays (DMX 3/4 and most recently VMAX) including experience of #SRDF(S), SRDF(A), BCV
* #WindowsServer (2000 through 2019) including #ActiveDirectory
* Various #Linux/ #Unix OSes (#HPUX/ #RHEL/ #Centos/ #Ubuntu/ #Raspbian) including experience of #GFS/#GFS2 SAN storage clustering
* Virtual Tape Server technology (B&L/Crossroads/ETI Net SPHiNX, #TSM)
* Automation/Scripting (#PowerShell, #NT #Batch, #DOS, #Bash, #OPAL)
* #Security (#PrivilegedAccessManagement, #LeastPrivilege, #IAM, #Firewalls, #EDR)
* #BusinessContinuity/#DisasterRecovery (Design/Implementation/Operations)

I’m focused on learning and getting hands-on with #RaspberryPi at home and #cloud computing solutions both at work and at home.

I moved into a #SecurityEngineering role in 2020, so a lot of my focus is now more security focussed across all tech stacks.

My main focus at present when it comes to cloud is predominately #Microsoft #Azure, with Google and AWS of interest also, as well as other cloud infrastructure services such as those provided by CloudFlare, though I’m planning a move away from them due to their moral/ethical choices.

Away from work and tech, I love to #travel the world with my wife and enjoy very amateur #photography to record our adventures.

I also love most genres of #music, live in concert when I can, with a particular love of #Rock/ #Metal and also #Trance (coincidentally, given the profession of a somewhat more well known namesake of mine!).

In the 4th post on Least Privilege, I go into more detail on best practice & technologies for implementation of Least Privilege. As always, curious to know your reactions, opinions & insights.

https://cirriustech.co.uk/blog/secbytes-least-privilege-pt4/

#SecurityBytes #informationsecurity #leastprivilege

In this, the 3rd post on the topic of Least Privilege, I look at how you might implement Least Privilege and what the challenges are that meant that many organisations may struggle to do so. https://cirriustech.co.uk/blog/secbytes-least-privilege-pt3/ #SecurityBytes #informationsecurity #leastprivilege

In my latest post in the Security Bytes series, I talk about a term you probably hear a lot, but perhaps haven’t stopped to think about what it is - Least Privilege.

#SecurityBytes #Security #InfoSec #CyberSecurity #CyberSec #LeastPrivilege #CirriusTech

https://www.cirriustech.co.uk/blog/secbytes-least-privilege-pt2/

My #SecurityBytes blog series starts with Least Privilege, why it matters, why it’s not consistently enforced & how as an industry we can make things better.

First up, some history of admin privileges to set the scene

#InfoSec #CyberSec #LeastPrivilege
https://www.cirriustech.co.uk/blog/secbytes-least-privilege-pt1/