Operation Cleaver #opcleaver
In this blog I wanted to take a quick look at how we should consider our adversaries today, and kudo's to a great report. The operation Cleaver report put out by Cylance outlines how Iran has been actively targeting the world market and the Internet as a whole. If you don't have time to read the entire report I'd recommend you review pages 32- 35 that discusses the initial methods of compromise. It's a good practice to understand how adversaries get into your network to know how to protect yourself. Here's a quick look at defenses you need to consider: Compromise 1 - SQL injection attacks - This attack counts on administrators not setting up a SQL server with security in mind. Resolving this can be done by patching and maintaining SQL servers that are on your perimeter network. Make sure that you configure your edge with security in mind. Consider this guidance as a good practice: A quick Technet article on protecting against SQL injections