October 9, 2023
This advisory underscores a pressing concern in cybersecurity: misconfigurations remain rampant in large organizations, and unrestricted code execution stands out as a particularly high risk. Adversaries typically run an unverified program or command that has no legitimate purpose or business reason to be on the endpoint, and use it to carry out any number of malicious actions. General mitigation advice says to restrict or monitor the use of executables and command execution on each endpoint. At scale, however, that approach is unrealistic: maintaining the allowlists and reviewing the resulting alerts would overwhelm most modern SOC teams. A more future-proof solution is to replace the underlying operating system altogether: use containers instead of servers, and mobile devices or Chromebooks instead of laptops. These platforms are “secure by design”, meaning the operating system treats security as a leading priority and blocks most arbitrary code execution out of the box.
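To make the "restrict or monitor executables" mitigation concrete, here is an added example (not code from the advisory or its vendor) that applies a minimal execution policy to process-creation events: a binary is allowed only if it runs from an approved directory and carries a trusted code signature, and anything launched from a user-writable folder is flagged regardless. The event fields, the allowed directories, the trusted-signer list and the sample events are all constructed assumptions for illustration, not a real EDR schema or a recommended policy.

```python
"""Allowlist check for process-creation events (added example, not the advisory's code).

Policy: a process is allowed only if its image lives under an approved
directory AND is signed by a trusted publisher. Execution from a
user-writable location is flagged on its own. All constants and sample
events below are constructed assumptions for illustration.
"""
from dataclasses import dataclass
from pathlib import PureWindowsPath
from typing import Optional

# Assumption: directories the organization trusts to hold executables.
ALLOWED_DIRS = (
    PureWindowsPath(r"C:\Windows\System32"),
    PureWindowsPath(r"C:\Program Files"),
    PureWindowsPath(r"C:\Program Files (x86)"),
)
# Assumption: signature subjects the organization trusts.
TRUSTED_SIGNERS = {"Microsoft Windows", "Microsoft Corporation"}
# Any user can write here; execution from these paths is a classic red flag.
USER_WRITABLE_MARKERS = ("\\Temp\\", "\\Downloads\\", "\\AppData\\", "\\Public\\")


@dataclass(frozen=True)
class ProcessEvent:
    image: str                 # full path of the executable that started
    signer: Optional[str]      # subject of a valid code signature, or None if unsigned
    cmdline: str
    user: str


def _under_allowed_dir(image: str) -> bool:
    # PureWindowsPath compares case-insensitively and by path component,
    # so "C:\Program Files" does not match "C:\Program Files (x86)\...".
    p = PureWindowsPath(image)
    return any(d == p or d in p.parents for d in ALLOWED_DIRS)


def evaluate(event: ProcessEvent) -> list:
    """Return the list of policy violations for one event; empty means allowed."""
    reasons = []
    if not _under_allowed_dir(event.image):
        reasons.append("image outside allowed directories")
    if event.signer is None:
        reasons.append("unsigned executable")
    elif event.signer not in TRUSTED_SIGNERS:
        reasons.append(f"untrusted signer: {event.signer}")
    if any(m.lower() in event.image.lower() for m in USER_WRITABLE_MARKERS):
        reasons.append("executed from user-writable location")
    return reasons


def triage(events) -> dict:
    """Map each violating image path to its reasons; allowed events are dropped."""
    return {e.image: r for e in events if (r := evaluate(e))}


# Constructed sample events: one legitimate system process, one dropper
# staged in a temp folder, one third-party tool with an unlisted signer.
SAMPLE_EVENTS = [
    ProcessEvent(r"C:\Windows\System32\svchost.exe", "Microsoft Windows",
                 "svchost.exe -k netsvcs", "SYSTEM"),
    ProcessEvent(r"C:\Users\alice\AppData\Local\Temp\update.exe", None,
                 "update.exe /silent", "CORP\\alice"),
    ProcessEvent(r"C:\Program Files\Vendor\tool.exe", "Vendor Corp",
                 "tool.exe --sync", "CORP\\bob"),
]


def run_sample() -> dict:
    return triage(SAMPLE_EVENTS)


if __name__ == "__main__":
    for image, reasons in run_sample().items():
        print(f"FLAG {image}: {', '.join(reasons)}")
```

Running the sample flags only the temp-folder dropper and the unlisted-vendor tool; svchost.exe passes. Note what the policy does not catch: a trusted, correctly located system binary such as cmd.exe or powershell.exe abused through its arguments passes cleanly, so a real deployment also needs command-line rules and someone to keep the allowlists current as software changes. That maintenance burden is exactly the scaling problem the paragraph above describes.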