ISACARuSec – Telegram
ISACARuSec
@IsacaRuSec
2.26K subscribers
1.78K photos
13 videos
308 files
5.67K links
Канал направления ИБ Московского отделения ISACA

Направление канала новости ISACA, новости в области управления ИБ в России и мире, обмен лучшими практиками.



Связь с администрацией
@popepiusXIII
Download Telegram
About
Blog
Apps
Platform
Join
ISACARuSec
2.26K subscribers
ISACARuSec
https://twitter.com/campuscodi/status/1418049913946918918
Twitter
Catalin Cimpanu
Mitre shares a list of today's most common and most dangerous security flaws it has been tracking this year cwe.mitre.org/top25/archive/…
508 viewsedited  
ISACARuSec
https://twitter.com/FSecure/status/1418140597945262089
Twitter
F-Secure
F-Secure’s board has been refining how to make better decisions about our security posture and risk appetite. For @helpnetsecurity, our CISO @ekoivune revealed 5 questions any organization can use to help with this process>> helpnetsecurity.com/2021/07/22/que……
502 viewsedited  
ISACARuSec
https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/security-operations-privileged-accounts
Docs
Security operations for privileged accounts in Azure Active Directory - Microsoft Entra
Learn about baselines, and how to monitor and alert on potential security issues with privileged accounts in Azure Active Directory.
513 views
ISACARuSec
Стандартинформ реорганизован в РСТ.
https://twitter.com/CryptographyRU/status/1418128813184147461
Twitter
Russian cryptography
Создан Российский институт стандартизации rst.gov.ru/portal/gost/ho…
529 viewsedited  
ISACARuSec
https://www.kuppingercole.com/events/eic2021
KuppingerCole
European Identity and Cloud Conference 2021
The European Identity and Cloud Conference returns fully digitalized, reacting to the global pandemic. We have collected a lot of experience in virtual conferencing throughout 2020 to be able to...
548 views
ISACARuSec
https://www.nist.gov/blogs/cybersecurity-insights/automatic-proofs-differential-privacy
NIST
Automatic Proofs of Differential Privacy
We are excited to introduce our fourth guest author in this blog series, Chike Abuah, PhD student in compute
565 views
ISACARuSec
FAQ on XDR by Forrester

https://go.forrester.com/blogs/xdr-faq-frequently-asked-questions-on-extended-detection-and-response/
573 viewsedited  
ISACARuSec
590 views
ISACARuSec
https://twitter.com/ArchieScorp/status/1418508731575382019
Twitter
Alexander Redchits
MITRE обновила ТОП-25 самых опасных программных CWE cwe.mitre.org/top25/archive/…
580 viewsedited  
ISACARuSec
https://csrc.nist.gov/publications/detail/nistir/8319/final
CSRC | NIST
NIST Internal or Interagency Report (NISTIR) 8319, Review of the Advanced Encryption Standard
The field of cryptography continues to advance at a very rapid pace, leading to new insights that may impact the security properties of cryptographic algorithms. The Crypto Publication Review Board ('the Board') has been established to identify publications…
623 views
ISACARuSec
https://www.gartner.com/en/newsroom/press-releases/2021-07-21-gartner-predicts-by-2025-cyber-attackers-will-have-we
Gartner
Gartner Predicts By 2025 Cyber Attackers Will Have Weaponized OT
Cyber attacks on operational technology are becoming more common. @Gartner_IT recommends implementing this OT #security control framework to address these risks. #GartnerSEC
1.09K views
ISACARuSec
Forwarded from Пост Лукацкого
На сайтах многих VM-вендоров можно найти ссылки на свежий Market Guide for Vulnerability Assessment от Gartner. Александр Леонов сделал обзор у себя в блоге (на английском) интересных моментов этого отчета - https://avleonov.com/2021/07/25/my-thoughts-on-the-2021-gartner-market-guide-for-vulnerability-assessment-what-about-the-quality/
162 views
ISACARuSec
https://twitter.com/Raj_Samani/status/1419560835274448899
Twitter
Raj Samani
RDP is back! The most common attack vector for #ransomware is RDP again according to @coveware coveware.com/blog/2021/7/23… #malware #cybersecurity #infosec
565 viewsedited  
ISACARuSec
Forwarded from k8s (in)security (D1g1)
29 июля в 19:00 (по Мск) в рамках [ Online Monitoring Meetup ] от MONHOUSE я выступлю с докладом "Kubernetes: Observability — важная часть Security". Для тех, кто не знает MONHOUSE это сообщество, где собираются люди и знания по вопросам мониторинга и автоматизированного управления.

В рамках своего выступления я хочу показать, что направление observability шире, чем многие на него привыкли сейчас смотреть. А именно как observability способно помочь значительно повысить уровень безопасности в Kubernetes кластерах. А также еще раз убедить в том, что нельзя сделать надежным и безопасным то, что вы не видите и не контролируете.


Мои основные тезисы:
- Неразрывная связь security и reliability
- Observability это не только логи, метрики и трейсы
- "Complexity is the worst enemy of security, and our systems are getting more complex all the time.", Bruce Schneier
- "Scientia potentia est"
- Observability для Continuous inventory и Continuous security profiling

Регистрация тут!
192 views
ISACARuSec
Довольно интресно к какому мнению придет суд по искам ушерба от вынужденного простою вызванного атакой шифровальщика .

https://twitter.com/GerritD/status/1419637297197326339
Twitter
Gerrit De Vynck
On A1 today - first came the ransomware attacks, now come the lawsuits washingtonpost.com/technology/202…
532 viewsedited  
ISACARuSec
https://www.bleepingcomputer.com/news/security/no-more-ransom-saves-almost-1-billion-in-ransomware-payments-in-5-years/amp/
BleepingComputer
No More Ransom saves almost €1 billion in ransomware payments in 5 years
The No More Ransom project celebrates its fifth anniversary today after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.
556 views
ISACARuSec
https://cloud.google.com/blog/products/identity-security/new-paper-assuring-compliance-cloud
Google Cloud Blog
Google Cloud Compliance Modernization - Compliance as Code | Google Cloud Blog
553 views
ISACARuSec
https://twitter.com/ISACANews/status/1420036937046532103
Twitter
ISACA Global
In light of recent ransomware and other high-profile attacks, ISACA’s 2021 State of Cybersecurity Part 2 looks at the threat landscape, the impact of the pandemic on security programs and its challenges. Read the entire report: bit.ly/3l1tsab #cybersecurity…
578 viewsedited  
ISACARuSec
https://twitter.com/osulop/status/1420042641916506112
Twitter
𝔒𝔩𝔩𝔦 𝔖𝔲𝔩𝔬𝔭𝔲𝔦𝔰𝔱𝔬
This is an actual subheading from the manual of a Samsung TV
577 viewsedited  
ISACARuSec
Появился спрос на навыки относительно редких языков программирования и анализа ПО на их основе.

https://blogs.blackberry.com/en/2021/07/old-dogs-new-tricks-attackers-adopt-exotic-programming-languages
BlackBerry
Old Dogs New Tricks: Attackers Adopt Exotic Programming Languages
For defenders to maintain a competitive advantage over attackers, it’s important to recognize emerging trends by threat actors. One such trend BlackBerry has observed in 2021 is the practice by malware authors of leveraging new and uncommon programming languages…
592 views