NEW BOT Телеграм, страница

Стандарты IEC 62443

IEC 62443 является международным стандартом безопасности для систем управления промышленной автоматизацией, и его значение растет по мере того, как сети и контроллеры становятся взаимосвязанными.
Подробнее:
✏️What the IEC 62443 standard does for industrial cybersecurity
✏️Structure of IEC 62443
✏️Обеспечение безопасности АСУ ТП – краткий обзор семейства стандартов IEC 62443

👍1

361 views06:47

ISACARuSec

https://cloudsecurityalliance.org/blog/2022/02/22/why-we-created-the-global-security-database/

cloudsecurityalliance.org

Why We Created the Global Security Database | CSA

The GSD is a modern approach to a modern problem. CVE is an old approach to an old problem, one that has been superseded by much more complicated IT systems.

631 views06:15

ISACARuSec

https://csrc.nist.gov/publications/detail/nistir/8270/draft

CSRC | NIST

NIST Internal or Interagency Report (NISTIR) 8270 (Draft), Introduction to Cybersecurity for Commercial Satellite Operations (2nd…

Space is a newly emerging commercial critical infrastructure sector that is no longer the domain of only national government authorities. Space is an inherently risky environment in which to operate, so cybersecurity risks involving commercial space – including…

636 views15:14

ISACARuSec

https://csrc.nist.gov/publications/detail/nistir/8374/final

CSRC | NIST

NIST Internal or Interagency Report (NISTIR) 8374, Ransomware Risk Management: A Cybersecurity Framework Profile

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. Attackers may also steal an organization’s information and demand an additional payment in return for not disclosing the information…

👍1

633 views18:05

ISACARuSec

The Federal CIO Council’s Federal Mobility Group (FMG) has released the final version of its in-depth international travel guidance report. The new document details a series of best practices agencies can adopt to safeguard Government-Furnished Equipment (GFE) mobile devices—mobile phones, tablets, and laptop computers—against attacks while in use during travel to foreign countries. https://www.cio.gov/2022-02-18-final-international-travel-guidance/

www.cio.gov

The CIO Council is a forum of Federal Chief Information Officers (CIOs). Our goal is to improve IT practices across U.S. Government agencies.

626 viewsedited 18:36

ISACARuSec

https://www.meritalk.com/articles/fcc-launches-inquiry-on-cyber-risks-to-internet-routing-protocol/

Meritalk

FCC Launches Inquiry on Cyber Risks to Internet Routing Protocol

<div class="at-above-post addthis_tool" data-url="https://www.meritalk.com/articles/fcc-launches-inquiry-on-cyber-risks-to-internet-routing-protocol/"></div>The Federal Communications Commission (FCC) has launched a Notice of Inquiry (NOI) to seek comments…

622 views21:08

ISACARuSec

Forwarded from CloudSec Wine (Артем Марков)

🔶🔷🔴 Cloud 9: Top Cloud Penetration Testing Tools

Here are nine cloud pen testing tools use by pentesters in 2022, and additional resources for enhancing your cloud pentesting skills.

https://bishopfox.com/blog/cloud-pen-testing-tools

#aws #azure #gcp

Bishop Fox

Cloud 9: Top Cloud Penetration Testing Tools

Here are nine of our favorite cloud pen testing tools use by our pen testers in 2022 and additional resources for enhancing your cloud pen testing skills.

356 views08:11

ISACARuSec

https://www.enisa.europa.eu/news/building-cyber-secure-railway-infrastructure

ENISA

Building cyber secure Railway Infrastructure

The European Union Agency for Cybersecurity (ENISA) delivers a joint report with the European Rail Information Sharing and Analysis Center (ISAC) to support the sectorial implementation of the NIS Directive.

591 views04:52

ISACARuSec

https://salt.security/blog/companies-are-struggling-against-a-681-increase-in-api-attacks-the-latest-state-of-api-security-report-shows

salt.security

Companies Struggling Against a 681% Increase in API Attacks

Empirical data from the Salt Security cloud platform shows a 681% increase in attack traffic compared to a 321% increase in overall API call volume.

616 views04:56

ISACARuSec

https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2022/why-collecting-the-right-metadata-is-crucial-for-scaling-a-security-program

ISACA

Why Collecting the Right Metadata is Crucial for Scaling a Security Program| ISACA

At Adobe, security is a critical priority for us, and we believe in defense-in-depth, which begins with monitoring — from collecting event logs and configuration data made available by public cloud providers, to logs from EDR systems and vulnerability scanning…

👍1

630 views05:55

ISACARuSec

Forwarded from SecurityLab.ru

В WhatsApp и других VoIP-приложениях обнаружены RCE-уязвимости

— Мессенджер WhatsApp и другие популярные VoIP-приложения используют библиотеку с открытым исходным кодом PJSIP, содержащую критические уязвимости удаленного выполнения кода.

— Успешная эксплуатация уязвимостей позволяет злоумышленнику удаленно выполнить код в приложении, использующем библиотеку PJSIP.

— По данным сайта Asterisk, программное обеспечение насчитывает около 2 млн загрузок в год и работает на 1 млн серверов в 170 странах.

https://www.securitylab.ru/news/530390.php

SecurityLab.ru

В WhatsApp и других VoIP-приложениях обнаружены RCE-уязвимости

Программы используют библиотеку с открытым исходным кодом PJSIP, содержащую критические проблемы.

365 views07:45

ISACARuSec

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/overview-recommendations

Docs

What is Azure Active Directory recommendations (preview)?

Provides a general overview of Azure Active Directory recommendations.

774 views17:15

ISACARuSec

https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-rbac-custom-roles-for-app-management-now-available/ba-p/3185206