https://www.helpnetsecurity.com/2020/05/27/underground-market-trends/
Other notable findings include the emergence of markets for:
Deepfake services for sextortion or to bypass photo verification requirements on some sites.
AI-based gambling bots designed to predict dice roll patterns and crack complex Roblox CAPTCHA.
Access-as-a-Service to hacked devices and corporate networks. Prices for Fortune 500 companies can reach up to US$10,000 and some services include access with read and write privileges.
Wearable device accounts where access could enable cybercriminals to run warranty scams by requesting replacement devices.
Other notable findings include the emergence of markets for:
Deepfake services for sextortion or to bypass photo verification requirements on some sites.
AI-based gambling bots designed to predict dice roll patterns and crack complex Roblox CAPTCHA.
Access-as-a-Service to hacked devices and corporate networks. Prices for Fortune 500 companies can reach up to US$10,000 and some services include access with read and write privileges.
Wearable device accounts where access could enable cybercriminals to run warranty scams by requesting replacement devices.
Help Net Security
What's trending on the underground market? - Help Net Security
Underground market trends will likely shift further in the months following the global COVID-19 pandemic, as attack opportunities continue to evolve.
ISACARuSec pinned «https://medium.com/anton-on-security/modern-cyber-defense-books-462e9bc950f7»
SP 800-204A, Building Secure Microservices-based Apps Using Service Mesh | CSRC
https://csrc.nist.gov/publications/detail/sp/800-204a/final
https://csrc.nist.gov/publications/detail/sp/800-204a/final
CSRC | NIST
NIST Special Publication (SP) 800-204A, Building Secure Microservices-based Applications Using Service-Mesh Architecture
The increasing trend in building microservices-based applications calls for addressing security in all aspects of service-to-service interactions due to their unique characteristics. The distributed cross-domain nature of microservices needs secure token…
SANS Oil & Gas Solutions Forum: Objective-based Security Drives Effective Solutions - SANS Institute
https://www.sans.org/webcasts/112760?ref=216530
https://www.sans.org/webcasts/112760?ref=216530
www.sans.org
SANS Oil & Gas Solutions Forum: Objective-based Security Drives Effective Solutions - SANS Institute
Over the last 15 or so years, Oil & Gas organizations, vendors and service providers have been steadily improving their awareness of the emerging cyber threats to their operations and the need to improve their security. As the realization of proven and potential…
IBM Security Virtual Summit - Security
Hear security leaders discuss best practices for dealing with the latest cybersecurity challenges
Learn how Quantum and AI are helping fight attacks and how to move to the cloud with confidence
Listen to Dr. Victoria Baines talk about “Fear fatigue, the new normal, and [what this means for] the future of cybersecurity”
Engage with experts “live” on our virtual platform
https://community.ibm.com/community/user/security/events/event-denoscription?CalendarEventKey=2e9df6c0-3457-42a8-87e5-6b396d37ae4d
Hear security leaders discuss best practices for dealing with the latest cybersecurity challenges
Learn how Quantum and AI are helping fight attacks and how to move to the cloud with confidence
Listen to Dr. Victoria Baines talk about “Fear fatigue, the new normal, and [what this means for] the future of cybersecurity”
Engage with experts “live” on our virtual platform
https://community.ibm.com/community/user/security/events/event-denoscription?CalendarEventKey=2e9df6c0-3457-42a8-87e5-6b396d37ae4d
IBM Security Community
IBM Security Virtual Summit - UK
This year, more than any other, we have a critical need to come together to accelerate essential r
Forwarded from Мероприятия по ИБ
Онлайн-конференция "Как соответствовать ГОСТ Р 57580.1-2017 ? (банки и НФО)"
Программа конференции:
• Оптимизация затрат на приведение в соответствие ГОСТ 57580.1
• Реализация требований ГОСТ 57580 в части защиты информации при осуществлении удаленного доступа с использованием мобильных устройств
• Особенности аудита по ГОСТ 57580.2. Какие технические решения позволяют повысить оценку?
• Выполнение требований ГОСТ 57580 по контролю и защите доступа с помощью решений Индид
• Целостная защита инфраструктуры финансовой организации в соответствии с ГОСТ 57580
• Особенности построения периметровой защиты сети в рамках ГОСТ 57580
Дата проведения:
4 июня 2020 г., | 10:00 (МСК)
Регистрация
#конференция #июнь
@InfoBezEvents
Программа конференции:
• Оптимизация затрат на приведение в соответствие ГОСТ 57580.1
• Реализация требований ГОСТ 57580 в части защиты информации при осуществлении удаленного доступа с использованием мобильных устройств
• Особенности аудита по ГОСТ 57580.2. Какие технические решения позволяют повысить оценку?
• Выполнение требований ГОСТ 57580 по контролю и защите доступа с помощью решений Индид
• Целостная защита инфраструктуры финансовой организации в соответствии с ГОСТ 57580
• Особенности построения периметровой защиты сети в рамках ГОСТ 57580
Дата проведения:
4 июня 2020 г., | 10:00 (МСК)
Регистрация
#конференция #июнь
@InfoBezEvents
NIST Cybersecurity for IoT Program
https://www.nist.gov/programs-projects/nist-cybersecurity-iot-program
https://www.nist.gov/programs-projects/nist-cybersecurity-iot-program
CISA Releases First Cyber Essentials Toolkit – MeriTalk
https://www.meritalk.com/articles/cisa-releases-first-cyber-essentials-toolkit/
https://www.meritalk.com/articles/cisa-releases-first-cyber-essentials-toolkit/
Meritalk
CISA Releases First Cyber Essentials Toolkit
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released a new cyber essentials toolkit to help small businesses and Federal agencies understand and address cybersecurity risks.