9283 8B4A 87FE DC6E C327 EF05 70A8 B78D 1623 3FB5

  1. MongoDB Databases Targeted in Ransomware Attacks [again] , facilitated by unprotected admin accounts
    - “According to MongoDB’s Senior Director of Product Security, the ransomware attacks that recently targeted MongoDB databases were successful because administrator account passwords had not been set. MongoDB plans to strengthen security policies in the upcoming MongoDB 3.6.0 release.”
    ref: www.sans.org/newsletters/newsbites/xix/71#300 , www.sans.org/newsletters/newsbites/xix/72#301
    - And advice from the MongoDB themselves on what to do about it and how to secure your installation:
    1. www.mongodb.com/blog/post/how-to-avoid-a-malicious-attack-that-ransoms-your-data
    2. www.mongodb.com/blog/post/update-how-to-avoid-a-malicious-attack-that-ransoms-your-data
  2. NIST SP 1800-11 – Data Integrity: Recovering from Ransomware and Other Destructive Events
    - This 3-volume special publication “demonstrates how organizations can develop and implement appropriate actions following a detected cybersecurity event” and includes: a. Executive summary, b. Approach, architecture and security characteristics, and c. How-to guides
    ref: www.sans.org/newsletters/newsbites/xix/71#301
  3. ‘;—have i been pwned?
    - Verify if your email/username was in LinkedIn, Dropbox, MySpace, etc. breaches and your need to change your password (or take other appropriate action)

Next month (October) is Cyber Security Awareness Month. Look out for our next post with more information and resources…