
‘Five Eyes’ Nations Release Joint Cybersecurity Advisory - infodocket
https://www.meritalk.com/articles/five-eyes-nations-release-joint-cybersecurity-advisory/
======
blindm
Ah yes, Autoruns[0], my first port of call in analyzing malware or stopping
malware from running. Such an invaluable tool

From the PDF here: [https://us-
cert.cisa.gov/sites/default/files/publications/AA...](https://us-
cert.cisa.gov/sites/default/files/publications/AA20-245A-Joint_CSA-
Technical_Approaches_to_Uncovering_Malicious_Activity_508.pdf)

> Use the Microsoft Windows Sysinternals Autoruns tool, which allows IT
> security practitioners toview—and, if needed, easily disable—most programs
> that automatically load onto the system.

[0] [https://docs.microsoft.com/en-
us/sysinternals/downloads/auto...](https://docs.microsoft.com/en-
us/sysinternals/downloads/autoruns)

~~~
barbecue_sauce
I’m not a windows guy, so this is an honest question: is your tone sarcastic?

~~~
rkagerer
I expect it's sincere but with a hint of sardonic edge that such a simple and
widespread tool found its way into the guidance issued by nation state level
intelligence agencies. Kind of like if NASA issued workmanship standards for
the ISS and mentioned the utility of a hammer.

~~~
kube-system
Lots of government agencies post best-practices for simple stuff. Getting the
basics right is important, both for government agencies and the general
public. NASA publications aren't all cutting edge space technology either:
[https://spaceplace.nasa.gov/telescopes/en/](https://spaceplace.nasa.gov/telescopes/en/)

------
blakesterz
The PDF of the release is at us-cert.cisa.gov:

[https://us-cert.cisa.gov/sites/default/files/publications/AA...](https://us-
cert.cisa.gov/sites/default/files/publications/AA20-245A-Joint_CSA-
Technical_Approaches_to_Uncovering_Malicious_Activity_508.pdf)

This joint advisory is the result of a collaborative research effort by the
cybersecurity authorities of five nations: Australia, Canada, New Zealand, the
United Kingdom, and the United States. It highlights technical approaches to
uncovering malicious activity and includes mitigation steps according to best
practices. The purpose of this report is to enhance incident response among
partners and network administrators along with serving as a playbook...

------
th0ma5
Took me a little bit to realize this is an announcement of a new collaboration
and initiative, and not any specific vulnerability, or am I still reading this
wrong?

~~~
shaunn
I thought the same. I feel they should have called it something like "Joint
Cybersecurity Advisory Protocol".

