News

September 9, 2021

Cyber Florida Announces Start-Up Seed Fund Pilot Program

Cyber Florida today announced the Seed Fund Pilot Program launch, a new initiative to support Florida-based researchers and emerging entrepreneurs in commercializing their cybersecurity technical innovations, launching new businesses, and helping secure critical infrastructure.

Modeled after the federal Small Business Administration’s (SBA) Small Business Innovative Research (SBIR)/Small Business Technology Transfer Program (STTR) Phase I programs, the Seed Fund Pilot is intended to complement and amplify other statewide efforts to encourage innovation, such as the Florida High-Tech Corridor, I-Corps, and incubators and accelerators around the state, by filling in the missing pieces of seed funding and mentoring for commercialization.

The effort will focus on mentoring new entrepreneurs to help them establish businesses centered on cybersecurity technical solutions and services. The program will advance Cyber Florida’s legislative mission by facilitating research sharing between businesses and universities, attracting cybersecurity companies to Florida, and helping innovative cybersecurity businesses to emerge in Florida.

During the inaugural year, Cyber Florida will evaluate applications and grant approximately $240,000 in total seed funding to be distributed among four emerging companies that are registered and operating in Florida. Like SBIR programs, Cyber Florida will take no equity or realize any return from these investments. To learn more about this new program and download the application packet, please visit https://cyberflorida.org/seedfund.

2023-05-30T13:24:14-04:00May 30, 2023|
Read More

Developing Cybersecurity Curriculum with Cyber Threat Intelligence and Honeypot Platform

Join UNF on June 26, 2023 for a workshop on cybersecurity curriculum development!

With the rapid development of attackers’ Techniques, Tactics, and Procedures (TTP), it is necessary for cybersecurity analysts to develop cyber defense knowledge to protect cyber assets. The field of cyber threat intelligence provides a broad range of techniques for collecting useful information to analyze the attacker’s TTP. In this workshop hosted by the University of North Florida, instructors will discuss the development of a Cyber Threat Intelligence course. Moreover, they will discuss how the deployment of a Honeypot server can be used to improve students’ understanding of cyberattacks. Finally, they will discuss issues and considerations related to the development of cybersecurity curricula.

This workshop is open to all – click the link below to register!

Register Now
2023-07-31T13:16:55-04:00May 23, 2023|
Read More

Tampa Bay Safety Summit

Port Tampa Bay and Tampa International Airport are proud to announce the 8th Annual Tampa Bay Safety Summit!

The 2023 Tampa Bay Safety Summit will include a vast range of local, state and federal representatives, as well as a variety of industry experts to engage you with presentations and panel discussions relating to safety, security and operational readiness, in an open forum setting.

This year’s keynote speaker will be General Kenneth F. “Frank” McKenzie, USMC, Retired. General McKenzie is the former Commander, United States Central Command (CENTCOM). His distinguished and highly decorated military career includes over 42 years of honorable service to our country. Today, General McKenzie serves as the Executive Director of Cyber Florida as well as USF’s Global and National Security Institute.

Additionally, Cyber Florida’s Emilio F. Salabarria will be presenting on the Critical Infrastructure Risk Assessment. If you want to learn more about this initiative and how your organization can help protect Florida, register now and ask your questions live!

Featured Speakers

  • General Kenneth F. “Frank” McKenzie, USMC, Retired – Executive Director USF Global and National Security Insitute & Executive Director Florida Center for Cybersecurity, aka Cyber Florida
  • Emilio F. Salabarria, Deputy Senior Executive Advisor, Cyber Florida
  • Paul Anderson, President and CEO, Port Tampa Bay
  • Dr. Yu Yu Zhang, Department of Civil and Environmental Engineering at University of South Florida (USF)
  • And more!

Agenda

  • Session 1 – Port Resiliencey (Maritime and Aviation)
  • Session 2 – Drones & Advanced Air Mobility
  • Session 3 – Current Challenges for CBP in the Maritime & Aviation Environment
  • Session 4 – Statewide Critical Infrastructure Risk Assessment

Event Details

  • When – Tuesday, June 06, 2023
    • Sign-in and Continental Breakfast starts at 7:45 AM
  • Where – Tampa International Airport, Main Terminal Event Space
    • Parking available in the Economy Parking Lot
    • Take SkyConnect Train to Main Terminal. Access station from elevators located on Level 1 of the garage
    • Event Space is located in between Airsides E & F on Level 3
    • Parking validation will be provided at sign-in
Learn more and register
2023-07-31T13:20:54-04:00May 22, 2023|
Read More

2023 FBI Cyber and Emerging Threat Symposium

Join us June 1, 2023 for the FBI Cyber and Emerging Threat Symposium!

An external attacker can breach an organization’s network perimeter and gain access to local network resources in 93% of cases. This study included financial organizations, fuel and energy organizations, government bodies, industrial businesses, IT companies and other sectors.

As cybercriminals continue to breach organizations the Florida Technology Council, in partnership with the Federal Bureau of Investigation, Cyber Florida and the University of Florida bring you the latest cybersecurity trends, threats and necessary information to protect yourself and your organization before, during, and after an attack.

This free symposium will feature presentations and question and answer sessions with FBI special agents who specialize in combating and investigating cybercrimes, foreign intelligence matters, crimes against children and more. And we aren’t stopping there – for the first time ever, this event will include a Cyber Table Top Exercise and Incident Response Plan Discussion, a Counter Intelligence Threat Presentation from the FBI, as well as a high level session hosted by the Cybersecurity and Infrastructure Security Agency.

Discover the tactics identity thieves use, how to protect your organization and so much more. This educational symposium is open to all county, city, and municipality leadership as well as academic and business professionals without cost.

Register
2023-06-05T10:47:20-04:00May 22, 2023|
Read More

Seed Fund Pilot Program Application Upload

Click or drag a file to this area to upload.
Click or drag your PDF application here to upload.
2023-05-19T16:44:21-04:00May 19, 2023|
Read More

The Ferré Institute CLASS: A Conversation about Cybersecurity Culture

Join us on June 8, 2023 for a conversation on promoting Cybersecurity Culture in your organization.

The Ferré Institute’s Civic Leadership and Service Series (CLASS) offers engaging discussions with public service leaders in the areas of civic engagement and leadership, community infrastructure, and social justice.

Co-Sponsored by: FIU Jorge M. Pérez

Metropolitan Center Partners:

  • Jack D. Gordon Institute for Public Policy
  • Department of Public Policy and Administration
  • The Children’s Trust of Miami-Dade County
  • Broward County Children’s Services Council American Society for Public Administration – South Florida Chapter
Register Now
2023-07-31T13:16:55-04:00May 18, 2023|
Read More

Gautam ‘Gotham’ Sharma – a cybersecurity consultant and comedian who injects fun into infosec

Gotham Sharma is a cybersecurity consultant, writer, educator, and stand-up comic. He’s on a mission to help folks build successful careers in information security through his latest venture, AccessCyber.co. In his training, Gotham leverages humor to make security awareness and education relatable to audiences of various technical backgrounds. Inspired by satire publications like The Onion, Gotham recently launched an infosec magazine called Brute Farce Attack, one of the many projects on his growing list of side hustles. In this episode of No Password Required, Gotham joins Carlton Fields’s Jack Clabby and KnowBe4’s Kayley Melton to share how his life changed after a well-intentioned anti-mentor inspired him. Jack and Kayley discuss IARPA’s plan to hack hackers’ brains as the agency considers reimagining security with cyberpsychology-informed network defenses.

You can connect with Gotham on Twitter here: @GothamJSharma

You can learn more about AccessCyber here: https://accesscyber.co/

You can learn more about Brute Farce Attack here: https://www.brutefarceattack.com/

2023-04-28T12:50:21-04:00May 2, 2023|
Read More

The Women of Talos

The Women of Talos

Cisco Talos is one of the world’s most trusted threat intelligence organizations. Their team works to defend Cisco customers against known and emerging threats, identify new vulnerabilities in software, and interdict threats in the wild before they can wreak havoc against the internet. This month on Do We Belong Here, Pam and Tashya speak with Talos’ Amy Henderson, Director of Strategic Planning and Communications; Sammi Seaman, the Lead of Employee Experience; Alexis Childers, Security Engineer; and Kaitlin Acharya, the Strategic Operations Lead of Threat Intelligence and Interdiction. The group discusses work culture and what institutes an open and safe environment, the value of connecting the technical and non-technical sides of cybersecurity, and how remaining tenacious can be one of the most useful skills as a woman in cyber. Warning: this episode features a lot of laughter, mutual respect, and woman power!

2023-04-25T17:27:22-04:00April 25, 2023|
Read More

Putts and PD: Professional Development to Get You On The Ball

Cyber Florida’s Operation K12 and AFCEA’s Central Florida Chapter invites new and veteran cybersecurity teachers, principals, and career and technical education coordinators to the 3rd Annual Putts and PD Event!

Day 1 will be virtual and will include guest speakers, curriculum resources, and valuable classroom tools. Day 2 will be held at Top Golf in Tampa and will include a live demo of the Florida Cyber Hub, 2 hours of golf, food, and drink, most importantly, networking with some of the best teachers in the business from across the state!

Teachers must attend Day 1 to be eligible for Day 2. All others may attend one or both days.

All attendees must register for each day of the event separately.

Day 1: July 27 9:00 am- 3:00 pm ET

Day 2: July 28 10:00 am- 2:00 pm ET

Register Now
2023-08-18T13:29:10-04:00April 19, 2023|
Read More

Critical Vulnerabilities in Microsoft and Fortinet Products

I. Targeted Entities

  • Windows and Fortinet systems

II. Introduction

Several critical vulnerabilities were discovered in both Microsoft and Fortinet products, where remote code execution and arbitrary code execution can be leveraged, respectively.

For both companies, these vulnerabilities can allow an attacker to install programs; view, change, or delete data; or create new accounts with full user rights. User accounts configured with fewer user rights could be less impacted when compared to user accounts operating with administrative rights.

III. Background Information

Microsoft has revealed that their security update for the month of April consisted of an update to fix a total of 97 flaws; one being an actively exploited zero-day vulnerability. Microsoft reported seven vulnerabilities to be labeled as “critical,” the most serious classification that can be used. The types of vulnerabilities that were provided in Microsoft’s advisory are the following: elevation of privilege, security feature bypass, remote code execution, information disclosure, denial of service, and spoofing (Abrams, 2023).

As for the zero-day vulnerability, known as CVE-2023-28252, it is a Windows common log file system driver elevation privilege vulnerability; this allows for the user privilege to be escalated to SYSTEM, which is the highest privilige in Windows. Microsoft also reported that this vulnerability was seen in the wild before the security updates patched the vulnerability (MS-ISAC, 2023).

Moreover, a cybersecurity solutions provider, Fortinet, has announced their release of patch for several high-security flaws in products such as FortiOS, FortiProxy, FortiSandbox, FortiWeb, FortiClient, and FortiManager. These issues could allow for cross-site scripting attacks, unauthorized API calls, command execution, arbitrary code execution, privilege escalation, and man-in-the-middle attacks. Fortinet also reported a critical missing authentication vulnerability, tracked as CVE-2022-41331 with a CVSS score of 9.3, in the infrastructure server for FortiPresence. This could be exploited by a remote and unauthenticated attacker through crafted authentication requests to access Redis and MongoDB instances; (Arghire, 2023).

Affected Microsoft Systems:

  • NET Core
  • Azure Machine Learning
  • Azure Service Connector
  • Microsoft Bluetooth Driver
  • Microsoft Defender for Endpoint
  • Microsoft Dynamics
  • Microsoft Dynamics 365 Customer Voice
  • Microsoft Edge (Chromium-based)
  • Microsoft Graphics Component
  • Microsoft Message Queuing
  • Microsoft Office
  • Microsoft Office Publisher
  • Microsoft Office SharePoint
  • Microsoft Office Word
  • Microsoft PostScript Printer Driver
  • Microsoft Printer Drivers
  • Microsoft WDAC OLE DB provider for SQL
  • Microsoft Windows DNS
  • Visual Studio
  • Visual Studio Code
  • Windows Active Directory
  • Windows ALPC
  • Windows Ancillary Function Driver for WinSock
  • Windows Boot Manager
  • Windows Clip Service
  • Windows CNG Key Isolation Service
  • Windows Common Log File System Driver
  • Windows DHCP Server
  • Windows Enroll Engine
  • Windows Error Reporting
  • Windows Group Policy
  • Windows Internet Key Exchange (IKE) Protocol
  • Windows Kerberos
  • Windows Kernel
  • Windows Layer 2 Tunneling Protocol
  • Windows Lock Screen
  • Windows Netlogon
  • Windows Network Address Translation (NAT)
  • Windows Network File System
  • Windows Network Load Balancing
  • Windows NTLM
  • Windows PGM
  • Windows Point-to-Point Protocol over Ethernet (PPPoE)
  • Windows Point-to-Point Tunneling Protocol
  • Windows Raw Image Extension
  • Windows RDP Client
  • Windows Registry
  • Windows RPC API
  • Windows Secure Boot
  • Windows Secure Channel
  • Windows Secure Socket Tunneling Protocol (SSTP)
  • Windows Transport Security Layer (TLS)
  • Windows Win32K

Affected Fortinet Systems:

  • FortiDDoS-F versions prior to 6.4.1
  • FortiDDoS versions prior to 5.7.0
  • FortiADC versions prior to 7.2.0
  • FortiAnalyzer versions prior to 7.2.2
  • FortiManager versions prior to 7.2.2
  • FortiAuthenticator versions prior to 6.5.0
  • FortiClientMac versions prior to 7.2.0
  • FortiClientWindows versions prior to 7.2.0
  • FortiOS versions prior to 7.2.4
  • FortiNAC-F versions prior to 7.2.0
  • FortiNAC versions prior to 9.4.2
  • FortiProxy versions prior to 7.2.3
  • FortiPresence versions prior to 2.0.0
  • FortiSOAR versions prior to 8.0.0
  • FortiSandbox versions prior to 4.2.3
  • FortiDeceptor versions prior to 4.2.0
  • FortiWeb versions prior to 7.2.0
  • FortiSIEM versions prior to 6.5.0

VI. CVEs (Common Vulnerabilities and Exposures)

  • CVE-2023-28252 – Windows Common Log File System Driver Elevation of Privilege Vulnerability – Elevates privileges to SYSTEM, the highest user privilege level in Windows
  • CVE-2022-40679 – FortiADC / FortiDDoS / FortiDDoS-F – Command injection in log & report module: An improper neutralization of special elements used in an OS command vulnerability in FortiADC, FortiDDoS and FortiDDoS-F may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
  • CVE-2022-41330 – FortiOS / FortiProxy – Cross Site Scripting vulnerabilities in administrative interface: Multiple improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerabilities in FortiOS & FortiProxy administrative interface may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP or HTTPS GET requests.
  • CVE-2022-43952 – FortiADC – Cross-Site Scripting in Fabric Connectors: An improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability in FortiADC may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.
  • CVE-2022-43955 – FortiNAC – FortiWeb – XSS vulnerability in HTML generated attack report files: An improper neutralization of input during web page generation in the FortiWeb web interface may allow an unauthenticated and remote attacker to perform a reflected cross site scripting attack (XSS) via injecting malicious payload in log entries used to build report.
  • CVE-2022-30850 – FortiAuthenticator – Reflected XSS in the password reset page: An improper neutralization of script-related HTML tags in a web page vulnerability in FortiAuthenticator may allow a remote unauthenticated attacker to trigger a reflected cross site scripting (XSS) attack via the “reset-password” page.
  • CVE-2023-27995 – FortiSOAR – Server-side Template Injection in playbook execution: An improper neutralization of special elements used in a template engine vulnerability in FortiSOAR management interface may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload.

V. Recommendations

Microsoft Systems:

Apply appropriate patches or appropriate mitigations provided by Microsoft to vulnerable systems immediately after appropriate testing. (M1051: Update Software)

  • Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
  • Safeguard 7.4: Perform Automated Application Patch Management: Perform application updates on enterprise assets through automated patch management on a monthly, or more frequent, basis.
  • Apply the Principle of Least Privilege to all systems and services, and run all software as a non-privileged user (one without administrative rights) to diminish the effects of a successful attack. (M1026: Privileged Account Management)
  • Safeguard 4.7: Manage Default Accounts on Enterprise Assets and Software: Manage default accounts on enterprise assets and software, such as root, administrator, and other pre-configured vendor accounts. Example implementations can include: disabling default accounts or making them unusable.
  • Safeguard 5.4: Restrict Administrator Privileges to Dedicated Administrator Accounts: Restrict administrator privileges to dedicated administrator accounts on enterprise assets. Conduct general computing activities, such as internet browsing, email, and productivity suite use, from the user’s primary, non-privileged account.
  • Remind all users not to visit untrusted websites or follow links/open files provided by unknown or untrusted sources. (M1017: User Training)
  • Safeguard 14.1: Establish and Maintain a Security Awareness Program: Establish and maintain a security awareness program. The purpose of a security awareness program is to educate the enterprise’s workforce on how to interact with enterprise assets and data in a secure manner. Conduct training at hire and, at a minimum, annually. Review and update content annually, or when significant enterprise changes occur that could impact this Safeguard.
  • Safeguard 14.2: Train Workforce Members to Recognize Social Engineering Attacks: Train workforce members to recognize social engineering attacks, such as phishing, pre-texting, and tailgating.
  • Use capabilities to prevent suspicious behavior patterns from occurring on endpoint systems. This could include suspicious process, file, API call, etc. behavior. (M1040 : Behavior Prevention on Endpoint)
  • Safeguard 13.2 : Deploy a Host-Based Intrusion Detection Solution: Deploy a host-based intrusion detection solution on enterprise assets, where appropriate and/or supported.
  • Safeguard 13.7 : Deploy a Host-Based Intrusion Prevention Solution: Deploy a host-based intrusion prevention solution on enterprise assets, where appropriate and/or supported. Example implementations include use of an Endpoint Detection and Response (EDR) client or host-based IPS agent.

Fortinet Systems:

Apply appropriate updates provided by FortiNet to vulnerable systems immediately after appropriate testing. (M1051: Update Software)

  • Safeguard 7.1: Establish and Maintain a Vulnerability Management Process: Establish and maintain a documented vulnerability management process for enterprise assets. Review and update documentation annually, or when significant enterprise changes occur that could impact this Safeguard.
  • Safeguard 7.2: Establish and Maintain a Remediation Process: Establish and maintain a risk-based remediation strategy documented in a remediation process, with monthly, or more frequent, reviews.
  • Safeguard 7.3: Perform Automated Operating System Patch Management: Perform operating system updates on enterprise assets through automated patch management on a monthly, or more frequent, basis.
  • Safeguard 7.4: Perform Automated Application Patch Management: Perform application updates on enterprise assets through automated patch management on a monthly, or more frequent, basis.
  • Safeguard 7.6: Perform Automated Vulnerability Scans of Externally-Exposed Enterprise Assets: Perform automated vulnerability scans of externally-exposed enterprise assets using a SCAP-compliant vulnerability scanning tool. Perform scans on a monthly, or more frequent, basis.
  • Safeguard 7.7: Remediate Detected Vulnerabilities: Remediate detected vulnerabilities in software through processes and tooling on a monthly, or more frequent, basis, based on the remediation process.
  • Safeguard 12.1: Ensure Network Infrastructure is Up-to-Date: Ensure network infrastructure is kept up-to-date. Example implementations include running the latest stable release of software and/or using currently supported network-as-a-service (NaaS) offerings. Review software versions monthly, or more frequently, to verify software support.
  • Safeguard 18.1: Establish and Maintain a Penetration Testing Program: Establish and maintain a penetration testing program appropriate to the size, complexity, and maturity of the enterprise. Penetration testing program characteristics include scope, such as network, web application, Application Programming Interface (API), hosted services, and physical premise controls; frequency; limitations, such as acceptable hours, and excluded attack types; point of contact information; remediation, such as how findings will be routed internally; and retrospective requirements.
  • Safeguard 18.2: Perform Periodic External Penetration Tests: Perform periodic external penetration tests based on program requirements, no less than annually. External penetration testing must include enterprise and environmental reconnaissance to detect exploitable information. Penetration testing requires specialized skills and experience and must be conducted through a qualified party. The testing may be clear box or opaque box.
  • Safeguard 18.3: Remediate Penetration Test Findings: Remediate penetration test findings based on the enterprise’s policy for remediation scope and prioritization.
  • Vulnerability scanning is used to find potentially exploitable software vulnerabilities to remediate them. (M1016: Vulnerability Scanning)
    • Safeguard 16.13: Conduct Application Penetration Testing: Conduct application penetration testing. For critical applications, authenticated penetration testing is better suited to finding business logic vulnerabilities than code scanning and automated security testing.Penetration testing relies on the skill of the tester to manually manipulate an application as an authenticated and unauthenticated user.
  • Apply the Principle of Least Privilege to all systems and services. Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack. (M1026: Privileged Account Management)
    • Safeguard 4.7: Manage Default Accounts on Enterprise Assets and Software: Manage default accounts on enterprise assets and software, such as root, administrator, and other pre-configured vendor accounts. Example implementations can include: disabling default accounts or making them unusable.
    • Safeguard 5.4: Restrict Administrator Privileges to Dedicated Administrator Accounts: Restrict administrator privileges to dedicated administrator accounts on enterprise assets. Conduct general computing activities, such as internet browsing, email, and productivity suite use, from the user’s primary, non-privileged account.
    • Safeguard 5.5: Establish and Maintain an Inventory of Service Accounts: Establish and maintain an inventory of service accounts. The inventory, at a minimum, must contain department owner, review date, and purpose. Perform service account reviews to validate that all active accounts are authorized, on a recurring schedule at a minimum quarterly, or more frequently.
    • Safeguard 6.8: Define and Maintain Role-Based Access Control: Define and maintain role-based access control, through determining and documenting the access rights necessary for each role within the enterprise to successfully carry out its assigned duties. Perform access control reviews of enterprise assets to validate that all privileges are authorized, on a recurring schedule at a minimum annually, or more frequently.
  • Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems. (M1030: Network Segmentation)
    • Safeguard 12.2: Establish and Maintain a Secure Network Architecture: Establish and maintain a secure network architecture. A secure network architecture must address segmentation, least privilege, and availability, at a minimum.
  • Restrict execution of code to a virtual environment on or in transit to an endpoint system. (M1048: Application Isolation and Sandboxing)
    • Safeguard 16.8: Separate Production and Non-Production Systems: Maintain separate environments for production and non-production systems.
  • Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring. (M1050: Exploit Protection)
    • Safeguard 10.5: Enable Anti-Exploitation Features: Enable anti-exploitation features on enterprise assets and software, where possible, such as Microsoft® Data Execution Prevention (DEP), Windows® Defender Exploit Guard (WDEG), or Apple® System Integrity Protection (SIP) and Gatekeeper™.
  • Restrict use of certain websites, block downloads/attachments, block Javascript, restrict browser extensions, etc. (M1021: Restrict Web-Based Content)
    • Safeguard 9.2: Use DNS Filtering Services: Use DNS filtering services on all enterprise assets to block access to known malicious domains.
    • Safeguard 9.3: Maintain and Enforce Network-Based URL Filters: Enforce and update network-based URL filters to limit an enterprise asset from connecting to potentially malicious or unapproved websites. Example implementations include category-based filtering, reputation-based filtering, or through the use of block lists. Enforce filters for all enterprise assets.
    • Safeguard 9.6: Block Unnecessary File Types: Block unnecessary file types attempting to enter the enterprise’s email gateway.
  • Inform and educate users regarding the threats posed by hypertext links contained in emails or attachments especially from un-trusted sources. Remind users not to visit un-trusted websites or follow links provided by unknown or un-trusted sources. (M1017: User Training)
    • Safeguard 14.1: Establish and Maintain a Security Awareness Program: Establish and maintain a security awareness program. The purpose of a security awareness program is to educate the enterprise’s workforce on how to interact with enterprise assets and data in a secure manner. Conduct training at hire and, at a minimum, annually. Review and update content annually, or when significant enterprise changes occur that could impact this Safeguard.
    • Safeguard 14.2: Train Workforce Members to Recognize Social Engineering Attacks: Train workforce members to recognize social engineering attacks, such as phishing, pre-texting, and tailgating.

VII. References

Arghire, I. (2023, April 12). Fortinet Patches Critical Vulnerability in Data Analytics Solution. SecurityWeek. Retrieved April 12, 2023, from https://www.securityweek.com/fortinet-patches-critical-vulnerability-in-data-analytics-solution/

Abrams, L. (2023, April 11). Microsoft April 2023 Patch Tuesday Fixes 1 Zero-day, 97 Flaws. BleepingComputer. Retrieved April 12, 2023, from https://www.bleepingcomputer.com/news/microsoft/microsoft-april-2023-patch-tuesday-fixes-1-zero-day-97-flaws/

MS-ISAC. (2023, April 11). MS-ISAC CYBERSECURITY ADVISORY – Critical Patches Issued for Microsoft Products April 11, 2023 – PATCH NOW – TLP: CLEAR

MS-ISAC. (2023, April 12). MS-ISAC CYBERSECURITY ADVISORY – Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution – PATCH NOW – TLP: CLEAR

Threat Advisory created by The Cyber Florida Security Operations Center. Contributing Security Analysts: Sreten Dedic

2023-04-19T11:03:30-04:00April 13, 2023|
Read More

Hosted by the University of South Florida
4202 E. Fowler Avenue, ISA7020
Tampa, FL 33620
outreach@cyberflorida.org
813-974-2604

Office meetings by appointment only

CONTACT US

PRIVACY POLICY

Copyright 2024 The Florida Center for Cybersecurity. Information on this website is made available for general educational purposes only and should not be used in lieu of obtaining competent legal advice from a licensed attorney or cybersecurity professional with sufficient expertise necessary to address your specific needs. Use of this website does not create any special or fiduciary relationship between you and the Florida Center for Cybersecurity or the University of South Florida.