ISACARuSec – Telegram
ISACARuSec
@IsacaRuSec
2.26K subscribers
1.78K photos
13 videos
308 files
5.67K links
Канал направления ИБ Московского отделения ISACA

Направление канала новости ISACA, новости в области управления ИБ в России и мире, обмен лучшими практиками.



Связь с администрацией
@popepiusXIII
Download Telegram
About
Blog
Apps
Platform
Join
ISACARuSec
2.26K subscribers
ISACARuSec
Forwarded from Пост Лукацкого
Перевод MITRE ATT&CK и маппинг техник ФСТЭК на нее - https://t.co/BwanNW2j3u
— Alexey Lukatsky (@alukatsky) Sep 13, 2021
Blogspot
Перевод MITRE ATT&CK и ее маппинг на техники ФСТЭК
Блог Алексея Лукацкого "Бизнес без опасности"
105 views
ISACARuSec
https://www.gartner.com/smarterwithgartner/4-must-have-technologies-that-made-the-gartner-hype-cycle-for-cloud-security-2021/
Gartner
4 Must-Have Technologies That Made the Gartner Hype Cycle for Cloud Security
Our Gartner Hype Cycle for Cloud Security, 2021 covers the most significant technologies that enable the delivery of controlled, compliant and economical cloud strategies. 💻 Learn more. #CloudSecurity @Gartner_IT
375 views
ISACARuSec
395 views
ISACARuSec
ISACARuSec
https://twitter.com/kl_secservices/status/1437383280731508736
411 views
ISACARuSec
Forwarded from k8s (in)security (D1g1)
Много шума наделал статья "Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances"

Кратко:
- Используя данную проблему вредоносный пользователь может выйти из своего окружений и попасть в соседние окружения других клиентов облака
- Дело касается Azure Container Instances (ACI) это CaaS/serverless от Microsoft
- У Microsoft реализация ACI есть на Kubernetes и Service Fabric Clusters, проблему удалось проверить только в первом случае
- В реализации на Kubernetes для размещения клиентов использовался node-based multi-tenancy подход
- Azure Kubernetes Service (AKS) мог пострадать только в том случае, если он интегрирован с ACI
- Атака: 1) Побег из контейнера через 1-day уязвимость CVE-2019-5736 в runC 2) получение доступа к privileged Kubernetes service account token 3) выполнение команд на Kubernetes api-server
- На первом шаге использовали контейнер WhoC, который позволяет прочитать и отправить исполняющий его container runtime
- На втором шаге исследователи поняли, что им доступен service account token, который имеет права на pods/exec в любом namespace, включая kube-system
- На третьем шаге исследовали просто получили shell в контейнере Kubernetes api-server - Game Over!
- Также исследователи нашли возможность получить shell в контейнере Kubernetes api-server через SSRF ;)

После прочтения я большое всего в шоке от того что в этой части облака (непонятно как в других) использовался runC 2016 года и Kubernetes от ноября 2017 - октября 2018 ...
Unit 42
Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances
Affecting Azure Container Instances, Azurescape is the first known cross-account container takeover in the public cloud.
174 views
ISACARuSec
https://twitter.com/chadtilbury/status/1437806105183334401
Twitter
Chad Tilbury
How to automate forensic disk collection in AWS >> aws.amazon.com/blogs/security…
421 viewsedited  
ISACARuSec
https://www.scmagazine.com/analysis/data-security/house-committee-tees-up-new-ftc-data-security-bureau
SC Media
House committee tees up new FTC data security bureau
Congressional legislation would set aside a billion dollars for a new Data Security Bureau, but the bill offers little in the way of details.
415 views
ISACARuSec
Гайд по борьбе с шифровальщиками от регулятора по ИБ Франции.

https://twitter.com/ANSSI_FR/status/1435172595863801862
Twitter
ANSSI
How to prevent #ransomware attacks and respond to an incident? 📕 Carried out in partnership with @justice_gouv, this awareness guide is enriched by the testimonies of 3 victim organisations of #ransomware attacks. #cybersecurity #SSI #FIC2021 ⤵️ssi.gouv.…
807 viewsedited  
ISACARuSec
Сертификации по ИБ для Гугл клауд.

https://cloud.withgoogle.com/cloudsecurity/podcast/ep31-cloud-certifications-and-cloud-security-with-thecertsguy/
Withgoogle
EP31 Cloud Certifications, and Cloud Security with TheCertsGuy
The Cloud Security Podcast from Google is a weekly news and interview show with insights from the cloud security community.
420 viewsedited  
ISACARuSec
https://www.kali.org/blog/kali-linux-2021-3-release/
Kali Linux
Kali Linux 2021.3 Release (OpenSSL, Kali-Tools, Kali Live VM Support, Kali NetHunter Smartwatch)
Today we have released the newest version of Kali Linux, 2021.3 (quarter #3), which is now ready for download or updating. A summary of the changes since the 2021.2 release from June are: OpenSSL - Wide compatibility by default - Keep reading for what that…
402 views
ISACARuSec
https://twitter.com/campuscodi/status/1438127337384591371
Twitter
Catalin Cimpanu
NEW: Microsoft announced today that it will let users completely remove passwords from consumer accounts and go passwordless Instead of a password, users can select to use: -a security key -Microsoft Authenticator app -email/SMS codes -Hello biometrics t…
397 viewsedited  
ISACARuSec
https://twitter.com/cloudsa/status/1438225082556485635
Twitter
CloudSecurityAlliance
We’ve just released implementation guidelines for the Cloud Controls Matrix (CCM) v4! Get a greater level of detail regarding #cloudsecurity and #privacy best practices. Download the guidelines now: bit.ly/3AfsT1b
408 viewsedited  
ISACARuSec
https://twitter.com/cybertechaccord/status/1438185384651886592
Twitter
Cyber Tech Accord
By 2022, each home in North America is expected to have almost 24 connected devices. Read how you can secure your #IoT devices, from smart phones to smart locks on your door: bit.ly/2VzzB2Y
392 viewsedited  
ISACARuSec
https://twitter.com/philvenables/status/1438288353955303426
Twitter
Phil Venables
Great security program coming up at Google Cloud Next '21 cloud.withgoogle.com/next/catalog/#…
407 viewsedited  
ISACARuSec
https://twitter.com/Cyberlandsio/status/1438382161774747648
Twitter
Cyberlands.io
An implementation enabler for threat intel driven cybersecurity risk management cyberlands.io/threatintellig… cyberlands.io/threatintellig…
427 viewsedited  
ISACARuSec
https://blog.virustotal.com/2021/09/introducing-vt-alerts.html
Virustotal
Introducing VT Alerts
  360-degrees insights into your assets Many VirusTotal’s users deploy rules to monitor that their assets, including domains, IP ranges and ...
390 views
ISACARuSec
https://twitter.com/MITREattack/status/1438169310946635778
Twitter
ATT&CK
Power up your layers with the release of ATT&CK Navigator v4.4! We've added a new workflow for upgrading a nav layer that lets you see and respond to changed techniques, and combined search and multi-select into a more powerful UI. Check out new version at…
406 viewsedited  
ISACARuSec
https://csrc.nist.gov/publications/detail/nistir/8360/final
CSRC | NIST
NIST Internal or Interagency Report (NISTIR) 8360, Machine Learning for Access Control Policy Verification
Access control policy verification ensures that there are no faults within the policy that leak or block access privileges. As a software test, access control policy verification relies on methods such as model proof, data structure, system simulation, and…
385 views