![[White-Hat-Large-300px.png]]

2024-05-23

# Episode Number 29 - Mitigation

* Missed the show? Well, you can access the replay!
    * https://rumble.com/v4vn5ot-white-hat-security-episode-28-indications.html?mref=1xggrq&mc=9gx3l

# General Discussion

# Back to Basics

## Mitigation and Hardening

***We are going to focus on these topics within the scope of the home or small business user***

#### Mitigation

* The process of reducing the impact of a security event or a potential event.
* What kind of events?
    * Software exploitation.
    * Digital data loss.
    * Cryptomalware.
* Keep software up to date.
* Understand how data moves in and out of your home/business.
* Encryption.
    * Mobile devices.
    * Laptops.
    * Cloud.
    * Backups.
* Rights and permissions
    * Not everyone needs admin rights.
    * UAC
* Old equipment.
    * Re-task
    * Recycle
    * Destruction of storage
* Regular reviews of process, procedures and postures

#### Hardening

* Securing systems and networks
* Again, ensure systems are up to date.
* Remove unused software
* Account limitations
    * Password policies
    * Least Privilege access model
    * Reset the password on any device that has a default password
* EDR, Endpoint Detection and Response
    * For home and small business this will, in reality, be your anti-virus
    * Run regular scans with a second product to ensure that nothing is being missed.
* Encrypt files / entire volumes
* Limit network access
    * Use a guest network for personal devices at a small business.
    * Use a guest network for IoT devices.
    * Limit the number of Internet-facing servers to ONLY what really needs to touch the Internet.
        * IoT devices.
        * Industrial Control Systems.
        * Etc.
* Ensure the local machine's firewalls are enabled
    * Default policy should be to close all ports that are not actively being used.
    * There are no valid use cases to have ports 0 through 65535 open.
        * Some applications will require this port range open.
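
One way to check the "close all ports that are not actively being used" item on a Linux machine, as an added example that is not part of the original show notes: it reads output in the format of `ss -tuln` and reports every listener reachable from the network that is not on an allow list. `SAMPLE_SS` is constructed sample output and `ALLOWED` is a hypothetical allow list.

```python
# Added example: audit listening sockets against an allow list.
# SAMPLE_SS is constructed text in the format printed by `ss -tuln`.
SAMPLE_SS = """\
Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
udp   UNCONN 0      0      0.0.0.0:5353        0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
tcp   LISTEN 0      128    127.0.0.1:631       0.0.0.0:*
tcp   LISTEN 0      511    0.0.0.0:8080        0.0.0.0:*
tcp   LISTEN 0      128    [::]:22             [::]:*
tcp   LISTEN 0      50     *:445               *:*
"""

# Hypothetical allow list: the only service this machine is meant to expose.
ALLOWED = {("tcp", 22)}


def parse_listeners(ss_output):
    """Return (protocol, local_address, port) for each socket line."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5:
            continue
        proto, local = fields[0], fields[4]
        # Split on the last colon so IPv6 forms such as [::]:22 parse correctly.
        addr, _, port = local.rpartition(":")
        if not port.isdigit():
            continue  # header line or unparsable entry
        listeners.append((proto, addr, int(port)))
    return listeners


def unexpected_listeners(ss_output, allowed):
    """Listeners reachable from the network that are not on the allow list."""
    findings = []
    for proto, addr, port in parse_listeners(ss_output):
        # Loopback-only services are not reachable from other machines.
        if addr.startswith("127.") or addr == "[::1]":
            continue
        if (proto, port) not in allowed:
            findings.append((proto, addr, port))
    return findings


if __name__ == "__main__":
    for proto, addr, port in unexpected_listeners(SAMPLE_SS, ALLOWED):
        print(f"review: {proto} listener on {addr}:{port} is not on the allow list")
```

Each reported listener is a candidate for either removing the software behind it or blocking the port in the local firewall.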
## This week's news stories of note:

* [[2024-05-20 WiFi Man In the Middle Downgrade Attacks]]
* [[2024-05-20 De-Googling]]
* [[2024-05-21 Foxit PDF Reader Exploit]]
* [[2024-05-22 Critical GitHub Enterprise Server Flaw]]
* [[2024-05-22 Cyber Criminals Exploit GitHub and FileZilla]]
* [[2024-05-23 BreachForums is Back Online]]
* [[2024-05-24 Living off the Land and File-less Malware]]
* [[2024-05-24 Rockwell ICS Advisory]]

# Have a question or topic suggestion?

If you have a question or topic that you would like discussed on the show, send an email to [questions[@]whitehatsecurity[.]stream](mailto:questions@WhiteHatSecurity.stream?subject=Question%20for%20the%20show).

* @NiceCrew (https://nicecrew.digital/@iamthejeeves)
* @X formerly known as 'Twitter' (https://x.com/iamthejeeves)

#ShowNotes #JeevesOriginalContent #WhiteHatSecurity