Top 10 Security Misconfigurations Exploited by Attackers

This week on Hacker And The Fed Microsoft releases their 2023 digital defense report, are paying ransoms illegal in the United States? The NSA and CISA red and blue teams share top 10 cyber security misconfigurations, a 158 year old company shuts down because of a ransomware attack, and we answer listener questions about fido2 security keys and "hacktivist" rules.

Links from the episode:

Microsoft Releases Its Yearly Digital Defense Report

https://www.microsoft.com/en-us/security/security-insider/microsoft-digital-defense-report-2023

Are Paying Ransoms Illegal in the U.S.?

https://www.huntonprivacyblog.com/2022/07/26/florida-enacts-law-prohibiting-state-agencies-from-paying-cyber-ransoms/

NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-278a

Zero-days for Hacking WhatsApp are Now Worth Millions of Dollars

https://techcrunch.com/2023/10/05/zero-days-for-hacking-whatsapp-are-now-worth-millions-of-dollars/

Lazarus Impersonated Meta Recruiter to Breach Spanish Aerospace Firm

https://www.helpnetsecurity.com/2023/10/02/lazarus-lightlesscan/

Kettering logistics firm enters administration with 730 jobs lost

https://www.bbc.com/news/uk-england-northamptonshire-66927965

FDA Cyber Mandates for Medical Devices Goes into Effect

https://cyberscoop.com/fda-cybersecurity-medical-devices/

City of Dallas Suffers a Ransomware Attack

https://dallascityhall.com/DCH%20Documents/dallas-ransomware-incident-may-2023-incident-remediation-efforts-and-resolution.pdf

International Committee of the Red Cross Published Rules of Engagement for Civilian Hackers Involved in Conflicts

https://www.bbc.co.uk/news/technology-66998064

https://www.theregister.com/2023/10/04/red_cross_hacktivist_rules/

Support our sponsors:

Go to JoinDeleteMe.com/FED and use the code FED20 for 20% off

Get your Hacker and the Fed merchandise at hackerandthefed.com

Send HATF your questions at questions@hackerandthefed.com