<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle18
{mso-style-type:personal;
font-family:"Courier New";
color:windowtext;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hey folks,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">If you’re not the patchmanagement (for WSUS) mailing list, this came in a week ago and ended up generating a LOT of discussion around domain admin access and related. The Lockheed Martin link has whitepapers at the end. I’ve not read
it thoroughly, but definitely looks worth while if you’re concerned about security.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">-Lee<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> patchmanagement@googlegroups.com <patchmanagement@googlegroups.com>
<b>On Behalf Of </b>Job Cacka<br>
<b>Sent:</b> Friday, April 26, 2019 6:42 PM<br>
<b>To:</b> patchmanagement <patchmanagement@googlegroups.com><br>
<b>Subject:</b> [patchmanagement] OT: Lockheed Martin Cyber Kill Chain<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><span style="font-family:"Courier New"">Off topic but security updates to mitigate vulnerabilities is a high priority for us. One thing I reinforce to my coworkers is that each of us are responsible for our own due diligence. People are
good at knowing something doesn’t seem right. In some places this translates into see something, say something and that is a good beginning.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New"">Here is an illustration by Lockheed Martin that takes the military concept of a kill chain (the steps or links in an attack) and applies them to computer security. Keeping updated is a component in
breaking this kill chain before it results in a successful attack. <o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New"">This is actually a few years old.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><a href="https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html">https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html#</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New"">Here is a more recent SANS article on using the illustration practically and elaborating on the human element.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><a href="https://www.sans.org/security-awareness-training/blog/applying-security-awareness-cyber-kill-chain">https://www.sans.org/security-awareness-training/blog/applying-security-awareness-cyber-kill-chain</a><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New""><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New"">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Courier New"">Job </span><span style="font-size:8.0pt;font-family:"Courier New""><o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">-- <br>
You received this message because you are subscribed to the Google Groups "PatchManagement" group.<br>
To unsubscribe from this group and stop receiving emails from it, send an email to
<a href="mailto:patchmanagement+unsubscribe@googlegroups.com">patchmanagement+unsubscribe@googlegroups.com</a>.<br>
To post to this group, send email to <a href="mailto:patchmanagement@googlegroups.com">
patchmanagement@googlegroups.com</a>.<br>
Visit this group at <a href="https://groups.google.com/group/patchmanagement">https://groups.google.com/group/patchmanagement</a>.<br>
To view this discussion on the web visit <a href="https://groups.google.com/d/msgid/patchmanagement/143401d4fc81%243f9f4410%24beddcc30%24%40ccbox.com?utm_medium=email&utm_source=footer">
https://groups.google.com/d/msgid/patchmanagement/143401d4fc81%243f9f4410%24beddcc30%24%40ccbox.com</a>.<br>
For more options, visit <a href="https://groups.google.com/d/optout">https://groups.google.com/d/optout</a>.<o:p></o:p></p>
</div>
</body>
</html>