TLS Server Certificate
Organizations that do not have a plan are at higher risk for system outages and security breaches, which can result in:
revenue loss
harm to reputation or brand
loss of privacy
exposure of confidential data to attackers
Management | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management
Organizations that do not have a plan are at higher risk for system outages and security breaches, which can result in:
revenue loss
harm to reputation or brand
loss of privacy
exposure of confidential data to attackers
Management | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management
Forwarded from Листок бюрократической защиты информации
Роскомнадзор разработал памятку для торговых площадок, использующих персональные данные участников электронных аукционов.
Новый подкласс средств ханипотов- канарейки? https://twitter.com/sb0risov/status/1153300375350521857?s=09
Twitter
Sergey Borisov
Статья про использование "канареек" на службе ИБ https://t.co/vXZIwiOGkE
Mobile Device Security: Corporate-Owned Personally-Enabled | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/mobile-device-security/corporate-owned-personally-enabled
https://www.nccoe.nist.gov/projects/building-blocks/mobile-device-security/corporate-owned-personally-enabled
Siemens contractor pleads guilty to planting logic bomb in company spreadsheets | ZDNet
https://www.zdnet.com/article/siemens-contractor-pleads-guilty-to-planting-logic-bomb-in-company-spreadsheets/
https://www.zdnet.com/article/siemens-contractor-pleads-guilty-to-planting-logic-bomb-in-company-spreadsheets/
ZDNet
Siemens contractor pleads guilty to planting logic bomb in company spreadsheets
Logic bomb would crash spreadsheets after a certain date, resulting in Siemens hiring the contractor to fix the latest bugs.
Инфографика от IBM и института Понемона по стоимости утечек данных.
https://databreachcalculator.mybluemix.net/
https://databreachcalculator.mybluemix.net/
Сценарии пентеста публичного облака.
https://cloudsecurityalliance.org/artifacts/cloud-penetration-testing-playbook/
https://cloudsecurityalliance.org/artifacts/cloud-penetration-testing-playbook/
CSA
Cloud Penetration Testing Playbook | CSA
As cloud services continue to enable new technologies and see massive adoption there is a need to extend the scope of penetration testing into public cloud systems and components. The process described here aims to provide the foundation for a public cloud…
Forwarded from ZLONOV security
Агентство кибербезопасности и безопасности инфраструктуры (The Cybersecurity and Infrastructure Security Agency — CISA) выпустило инфографику о факторах риска беспроводных сетей 5G.
https://www.dhs.gov/sites/default/files/publications/pdm19028_5g_risk_characterizationc_v14_05july2019.pdf
https://www.dhs.gov/sites/default/files/publications/pdm19028_5g_risk_characterizationc_v14_05july2019.pdf
Ransomware: Why cities have become such a big target for cyberattacks - and why it'll get worse | ZDNet
https://www.zdnet.com/article/ransomware-why-cities-have-become-such-a-big-target-for-cyberattacks-and-why-itll-get-worse-before-it-gets-better/
https://www.zdnet.com/article/ransomware-why-cities-have-become-such-a-big-target-for-cyberattacks-and-why-itll-get-worse-before-it-gets-better/
ZDNet
Ransomware: Why cities have become such a big target for cyberattacks - and why it'll get worse
A number of US cities have paid ransoms of hundreds of thousands of dollars after getting caught out by hackers -- and if the business model is working, cybercriminals will keep exploiting it.
Разрыв в представлении о безопасности кода и программирования.
https://www.schneier.com/blog/archives/2019/07/software_develo.html
https://www.schneier.com/blog/archives/2019/07/software_develo.html