ACS 5.8 to ISE 3.0 migration: The server selected protocol version TLS10 is not accepted by client preferences [TLS12]

Tried to migrate ACS 5.8 to ISE 3.0 but I was getting following message: “The server selected protocol version TLS10 is not accepted by client preferences [TLS12]”.
Since TLS 1.0 is disabled by default I had to enable it in java control panel (Oracle java 1.8) and also edit file C:\Program Files (x86)\Java\jre1.8.<some_version>\lib\security\java.security, remove TLSv1 from option jdk.tls.disabledAlgorithms and finally restart the migration application.

You can do the same in linux environment for openjdk by editing /usr/lib/jvm/java-11-openjdk-amd64/conf/security/java.security

Tnx to stackoverflow

Use Talos IP Blacklist on your ASA

Create bash script:

#!/bin/bash
    wget -q https://talosintelligence.com/documents/ip-blacklist
    ipblack=( $(cut -d ';' -f2 ip-blacklist ) )
    echo "conf t"
    for ip in "${ipblack[@]}"
        do
        echo "name $ip TALOS_BLACKLIST_$ip"
    done

    echo "no object-group network TALOS_BLACKLIST"
    echo "object-group network TALOS_BLACKLIST"
    for ip in "${ipblack[@]}"
        do
        echo "network-object host $ip"
    done
    echo "!"
    echo "exit"

Run it, copy-paste output to your ASA:

        ./talos-ipblacklist.sh > talos-blacklist.cfg

Source