https://community.isc2.org/t5/Cleveland-Chapter-Discussion/August-2022-Meeting-Minutes/m-p/57170#M17 <P>Start: ##:##</P><P>Attendees: ##, # first time</P><P>Sponsor: Dell</P><P>Location: Improving, Independence, OH</P><P>Officers in attendance</P><UL><LI>Rob Netgen</LI><LI>Chris Hartley</LI><LI>Troy Sheley</LI><LI>Ted Kozenko</LI></UL><P>Information Security Summit Announcement</P><UL><LI>Call for volunteers</LI><LI>Announcement of registration</LI></UL><P>Job openings</P><UL><LI>.</LI></UL><P>Security Friends</P><UL><LI>Student Loans</LI><LI>Hacker News - ransomware customized to target</LI><LI>Intelex offers exploits for iOS and Android for $8MM</LI><LI>NH lottery website cyber attack</LI><LI>LockBit ransomware v3.0 tripe extortion level</LI><LI>Portugal airline prevent cyberattack</LI><LI>LastPass hacked</LI><LI>Russia malware hijacks ADFS to login</LI><LI>Lloyds of London will stop covering nations state attacks from ransomware policies</LI><LI>Okta hackers behind Twilio and Cloudflare</LI><LI>South Staffordshire Water announce cyber-attack, Clop misidentified</LI><LI>MS cannot stop scammers</LI><LI>Palto Alto bug</LI><LI>FBI &amp; CISA warns about Zeppelin million dollar demands</LI><LI>Anonymous poop gifting site hacked</LI><LI>Cisco confirms network breach</LI><LI>124 stories in August.</LI></UL><P>Topic 1: Rob Netgan - IBMi Cybersecurity</P><UL><LI>Redheaded stepchild of cybersecurity</LI><LI>Why - incredibly securable, but often not secured</LI><LI>Security pros don’t' know it</LI><LI>IBM'ers don't know security</LI><LI>Previously known as AS/400, introduced in 2008</LI><LI>Used by many firms</LI><LI>Runs business critical apps, bug DB, core to biz, ERP,</LI><LI>Often run by 1 person / small team</LI><LI>Often not pen tested or SIEM'ed</LI><LI>Need to consider IBMi in supply chain assessment</LI><LI>Can get IBMi in the cloud</LI><LI>Weaknesses</LI><UL><LI>Network drive mapped to root</LI><LI>One person departments</LI><LI>Old hardware and no support</LI><LI>Password limitations</LI><LI>Unencrypted network connections</LI><LI>Old firewall systems</LI></UL><LI>Recommendations</LI><UL><LI>Have IBMi and InfoSec talk</LI><LI>Demand IBMi savvy vendors when using IBMi</LI><LI>Demand security from IBMi vendors</LI><LI>Password level 3, upgraded from level 1</LI><LI>Maintain security, not once and done</LI><LI>Implement CIS controls</LI><LI>Implement exit-point based security app</LI><LI>Don't share IFS root</LI><LI>Lock down all objects and users</LI></UL></UL><P>End 19:41</P> Sat, 11 Feb 2023 00:55:55 GMT TedKozenko 2023-02-11T00:55:55Z https://community.isc2.org/t5/Cleveland-Chapter-Discussion/August-2022-Meeting-Minutes/m-p/57170#M17 <P>Start: ##:##</P><P>Attendees: ##, # first time</P><P>Sponsor: Dell</P><P>Location: Improving, Independence, OH</P><P>Officers in attendance</P><UL><LI>Rob Netgen</LI><LI>Chris Hartley</LI><LI>Troy Sheley</LI><LI>Ted Kozenko</LI></UL><P>Information Security Summit Announcement</P><UL><LI>Call for volunteers</LI><LI>Announcement of registration</LI></UL><P>Job openings</P><UL><LI>.</LI></UL><P>Security Friends</P><UL><LI>Student Loans</LI><LI>Hacker News - ransomware customized to target</LI><LI>Intelex offers exploits for iOS and Android for $8MM</LI><LI>NH lottery website cyber attack</LI><LI>LockBit ransomware v3.0 tripe extortion level</LI><LI>Portugal airline prevent cyberattack</LI><LI>LastPass hacked</LI><LI>Russia malware hijacks ADFS to login</LI><LI>Lloyds of London will stop covering nations state attacks from ransomware policies</LI><LI>Okta hackers behind Twilio and Cloudflare</LI><LI>South Staffordshire Water announce cyber-attack, Clop misidentified</LI><LI>MS cannot stop scammers</LI><LI>Palto Alto bug</LI><LI>FBI &amp; CISA warns about Zeppelin million dollar demands</LI><LI>Anonymous poop gifting site hacked</LI><LI>Cisco confirms network breach</LI><LI>124 stories in August.</LI></UL><P>Topic 1: Rob Netgan - IBMi Cybersecurity</P><UL><LI>Redheaded stepchild of cybersecurity</LI><LI>Why - incredibly securable, but often not secured</LI><LI>Security pros don’t' know it</LI><LI>IBM'ers don't know security</LI><LI>Previously known as AS/400, introduced in 2008</LI><LI>Used by many firms</LI><LI>Runs business critical apps, bug DB, core to biz, ERP,</LI><LI>Often run by 1 person / small team</LI><LI>Often not pen tested or SIEM'ed</LI><LI>Need to consider IBMi in supply chain assessment</LI><LI>Can get IBMi in the cloud</LI><LI>Weaknesses</LI><UL><LI>Network drive mapped to root</LI><LI>One person departments</LI><LI>Old hardware and no support</LI><LI>Password limitations</LI><LI>Unencrypted network connections</LI><LI>Old firewall systems</LI></UL><LI>Recommendations</LI><UL><LI>Have IBMi and InfoSec talk</LI><LI>Demand IBMi savvy vendors when using IBMi</LI><LI>Demand security from IBMi vendors</LI><LI>Password level 3, upgraded from level 1</LI><LI>Maintain security, not once and done</LI><LI>Implement CIS controls</LI><LI>Implement exit-point based security app</LI><LI>Don't share IFS root</LI><LI>Lock down all objects and users</LI></UL></UL><P>End 19:41</P> Sat, 11 Feb 2023 00:55:55 GMT https://community.isc2.org/t5/Cleveland-Chapter-Discussion/August-2022-Meeting-Minutes/m-p/57170#M17 TedKozenko 2023-02-11T00:55:55Z