Cybersecurity: Poised for a giant leap forward | SC Media
https://www.scmagazine.com/home/security-news/ransomware/poised-for-a-giant-leap-forward/
https://www.scmagazine.com/home/security-news/ransomware/poised-for-a-giant-leap-forward/
SC Media
Cybersecurity: Poised for a giant leap forward | SC Media
Cybersecurity has enjoyed good health but is the industry itching for innovation and transformation – and the next big thing?
Follow the cybersecurity money | SC Media
https://www.scmagazine.com/home/security-news/features/follow-the-cybersecurity-money/
https://www.scmagazine.com/home/security-news/features/follow-the-cybersecurity-money/
SC Media
Follow the cybersecurity money | SC Media
Venture capitalists have poured money into cybersecurity in recent years – their investments offer a glimpse at what products, solutions and startups are
RDP - the most exploitable by ransomeware protocol in the last 3 quarters.
Ransomware victims are paying out millions a month. One particular version has cost them the most | ZDNet
https://www.zdnet.com/article/fbi-ransomware-victims-have-paid-out-140-million-one-version-has-cost-them-the-most/
Ransomware victims are paying out millions a month. One particular version has cost them the most | ZDNet
https://www.zdnet.com/article/fbi-ransomware-victims-have-paid-out-140-million-one-version-has-cost-them-the-most/
ZDNet
Ransomware victims are paying out millions a month. One particular version has cost them the most | ZDNet
Over six-and-a-half years, ransomware victims have handed over vast amounts of bitcoin to crooks. Some variants of the malware have generated more ransom than others.
'Malware-free' attacks now most popular tactic amongst cybercriminals | ZDNet
https://www.zdnet.com/article/malware-free-attacks-now-most-popular-tactic-amongst-cybercriminals/
https://www.zdnet.com/article/malware-free-attacks-now-most-popular-tactic-amongst-cybercriminals/
ZDNet
'Malware-free' attacks now most popular tactic amongst cybercriminals | ZDNet
Malware-free or fileless techniques accounted for 51% of attacks last year, compared to 40% the year before, as hackers turn to stolen credentials to breach corporate networks, reveals CrowdStrike's latest threat report.
Global Threat Report 2020: Foreword from George Kurtz | CrowdStrike
https://www.crowdstrike.com/blog/global-threat-report-foreword-2020/
https://www.crowdstrike.com/blog/global-threat-report-foreword-2020/
crowdstrike.com
Global Threat Report 2020: Foreword from George Kurtz | CrowdStrike
Read the foreword of the 2020 Global Threat Report from CrowdStrike CEO and Co-Founder George Kurtz, and download your copy of the annual threat report.
Forwarded from Alexey Lukatsky
Презентации с ICS Security Summit выложили - https://www.sans.org/cyber-security-summit/archives/ics
www.sans.org
SANS Institute: Summit Archives
Computer security training, certification and free resources. We specialize in computer/network security, digital forensics, application security and IT audit.
CWE list now includes hardware security weaknesses - Help Net Security
https://www.helpnetsecurity.com/2020/02/27/hardware-security-weaknesses/
https://www.helpnetsecurity.com/2020/02/27/hardware-security-weaknesses/
Help Net Security
CWE list now includes hardware security weaknesses - Help Net Security
The Mitre Corporation has released version 4.0 of the Common Weakness Enumeration list, which has been expanded to include hardware security weaknesses.
SP 800-133 Rev. 2 (Draft), Recommendation for Cryptographic Key Generation | CSRC
https://csrc.nist.gov/publications/detail/sp/800-133/rev-2/draft
https://csrc.nist.gov/publications/detail/sp/800-133/rev-2/draft
CSRC | NIST
NIST Special Publication (SP) 800-133 Rev. 2 (Draft), Recommendation for Cryptographic Key Generation
Cryptography is often used in an information technology security environment to protect data that is sensitive, has a high value, or is vulnerable to unauthorized disclosure or undetected modification during transmission or while in storage. Cryptography…
Forwarded from Пост Лукацкого
OWASP выпустил бесплатный инструмент для моделирования угроз Threat Dragon https://t.co/nRrLEMh28Y
— Alexey Lukatsky (@alukatsky) March 7, 2020
— Alexey Lukatsky (@alukatsky) March 7, 2020
GitHub
owasp-threat-dragon/README.md at master · mike-goodwin/owasp-threat-dragon
An open source, online threat modelling tool from OWASP - mike-goodwin/owasp-threat-dragon
Forwarded from RUSCADASEC news: Кибербезопасность АСУ ТП (Anton Shipulin)
Команда MITRE ATT&CK рассказала о планах на 2020 год. Среди прочего:
- Оценивают слияние MITRE ATT&CK for ICS c единой MITRE ATT&CK (в которую уже решено объединить PRE-ATT&CK, Mobile ATT&CK, and Enterprise ATT&CK)
- Планируют публикацию мапинга техник MITRE ATT&CK с противодействующими им контролями NIST 800.53 v4 (и другими фрэймворками)
https://medium.com/mitre-attack/2020-attack-roadmap-4820d30b38ba
- Оценивают слияние MITRE ATT&CK for ICS c единой MITRE ATT&CK (в которую уже решено объединить PRE-ATT&CK, Mobile ATT&CK, and Enterprise ATT&CK)
- Планируют публикацию мапинга техник MITRE ATT&CK с противодействующими им контролями NIST 800.53 v4 (и другими фрэймворками)
https://medium.com/mitre-attack/2020-attack-roadmap-4820d30b38ba
Medium
2020 ATT&CK Roadmap
Taking a look back at 2019 and presenting a 2020 roadmap for ATT&CK