#4 - Zerø Trust

Title: Cybersecurity Growth #4 - Zerø TrustOpeningWhen You Arrived instrumental as theme song Welcome to Cybersecurity Growth. A show for aspiring and existing cybersecurity leaders. I’m your host Shawn Valle, Exec Director and CISO of Cybersecurity GrowthFormer Chief Security Officer of Rapid7 and former CISO of TricentisMusician here on Twitch and elsewhere, MusicBySV (more on that later)Top News Storieshttps://www.networkworld.com/article/3687168/ntt-palo-alto-partner-for-managed-sase-with-aiops.htmlBy Maria Korolov, Network WorldNTT, Palo Alto partner for managed SASE with AIOpsUsing a managed services provider to deliver SASE can streamline deployment and free up enterprise resources.“A new offering from IT services provider NTT combines Palo Alto Networks' Prisma SASE offering with NTT's managed network services and AIOps infrastructure.SASE – secure access service edge – has been gaining interest for its potential to reduce networking complexity while improving security. It combines SD-WAN with security services, including secure web access gateway (SWG), cloud access security broker (CASB), zero-trust network access (ZTNA), and firewall-as-a-service (FWaaS), in a single, cloud-delivered service model.”“The benefits of using an MSP for SASE include having a single source for setup and management, gaining access to skills that an enterprise might not have in house, and flexible financing models.”https://www.csoonline.com/article/3686610/hackers-abuse-legitimate-remote-monitoring-and-management-tools-in-attacks.htmlBy Lucian Constantin, CSO OnlineHackers abuse legitimate remote monitoring and management tools in attacksResearchers and government agencies warn that threat actors are increasing their use of commercial RMM tools to enable financial scams.“Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization's network and systems might not raise suspicion.Researchers from Cisco Talos reported this week that one particular commercial RMM tool called Syncro was observed in a third of the incident response cases the company was engaged in during the fourth quarter of 2022. However, this wasn't the only such tool used.Separately in a joint advisory this week, the US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA) the and Multi-State Information Sharing and Analysis Center (MS-ISAC) warned about the use of RMM tools in a refund scam that targeted the employees of multiple federal agencies.”My takeaway, if you aren’t currently being very diligent in removing remote access tools from your environment, and only explicitly allowing in certain tools, by certain users, on certain machines, …you should start making that a priority in your strategy.Death By Slides - Zerø Trust, a brief overviewWhat’chu Listening To or CreatingSaw G. Love & Donavan Frankenreiter in concert last night. Two different artists that are similar to and friends with Jack Johnson; both with a spin on blues. G. Love more Blues meets hip-hop, and...