ISACARuSec – Telegram
ISACARuSec
@IsacaRuSec
2.27K subscribers
1.77K photos
13 videos
303 files
5.64K links
Канал направления ИБ Московского отделения ISACA

Направление канала новости ISACA, новости в области управления ИБ в России и мире, обмен лучшими практиками.

https://engage.isaca.org/moscow/home

Связь с администрацией
@popepiusXIII
Download Telegram
About
Blog
Apps
Platform
Join
ISACARuSec
2.27K subscribers
ISACARuSec
https://securityintelligence.com/posts/whats-new-2024-cost-of-a-data-breach-report/
Security Intelligence
Surging data breach disruption drives costs to record highs
Explore the latest breach incursions, associated costs and how organizations are fighting back in IBM's latest Cost of a Data Breach Report.
426 views
ISACARuSec
https://www.rapid7.com/blog/post/2024/07/30/new-research-the-proliferation-of-cellular-in-iot/
Rapid7
New Research: The Proliferation of Cellular in IoT | Rapid7 Blog
New whitepaper on the Analysis of Cellular Based IoT - co-authored by Rapid7's Deral Heiland & Thermo Fisher Scientific's Carlota Bindner. Learn more!
492 views
ISACARuSec
https://thinkst.com/ts/
Thinkst
ThinkstScapes
Keeping up with security research is near impossible. ThinkstScapes helps with this. We scour through thousands of blog posts, tweets and conference proceedings to give you an overview of the work we think significantly moves the needle.
546 views
ISACARuSec
Почти пятничный отчет про ddos и waf атаки в сегменте игр.

https://www.akamai.com/blog/security-research/2024/jul/2024-games-security-trends-is-a-battle-royale
494 views
ISACARuSec
https://www.keyfactor.com/blog/key-takeaways-from-the-2024-pki-digital-trust-report/
Keyfactor
Key Takeaways from the 2024 PKI & Digital Trust Report
In Keyfactor’s 2024 PKI & Digital Trust report, we take a look at the state of PKI and certificate management and where organizations are finding both success and frustration. 
600 views
ISACARuSec
👍1
757 views
ISACARuSec
https://www.theregister.com/2024/08/03/darpa_c_to_rust/
The Register
DARPA suggests turning old C code automatically into Rust – using AI, of course
Who wants to make a TRACTOR pull request?
561 views
ISACARuSec
Forwarded from k8s (in)security (r0binak)
Совсем недавно компания RedHat выпустила 30-ти страничный отчёт "The state of Kubernetes security report 2024 edition". В нём довольно много цифр и статистики, но самое важное из этого:

- Обеспокоенность в мисконфигурациях продолжает снижаться из года в год. Тем не менее мисконфиги – это по прежнему одна из основных и частых проблем в безопасности Kubernetes кластеров (наши аудиты тому подтверждение)

- Уязвимостей с каждым годом становится только больше. Их нужно правильно триажить и приоритезировать

- Большинство респондентов ответило, что за последний год хотя бы раз сталкивались с инцидентами в рантайме

- Большая часть организаций признают ценность DevSecOps и способствуют сотрудничеству между DevOps и командами безопасности
👍1
455 views
ISACARuSec
https://www.whitehouse.gov/oncd/briefing-room/2024/08/09/fact-sheet-biden-harris-administration-releases-end-of-year-report-on-open-source-software-security-initiative-2/

"The White House has published a yearly summary report for its Open-Source Software Security Initiative (OS3I)."
The White House
Fact Sheet: Biden-⁠Harris Administration Releases Summary Report of 2023 RFI on Open Source-Software Security Initiative
August 9, 2024 Read the full report here Today, the White House Office of the National Cyber Director, in partnership with members of the Open-Source Software Security Initiative (OS3I), is publishing a summary report on the Request for Information (RFI):…
474 viewsedited  
ISACARuSec
https://therecord.media/un-cybercrime-treaty-passes-unanimous
therecord.media
UN cybercrime treaty passes in unanimous vote
The United Nations passed its first cybercrime treaty on Thursday in a unanimous vote supporting an agreement first put forward by Russia.
👍1
438 views
ISACARuSec
https://www.akamai.com/blog/security-research/2024/aug/2024-august-kubernetes-gitsync-command-injection-defcon
Akamai
Git-Syncing into Trouble: Exploring Command Injection Flaws in Kubernetes | Akamai
Akamai researcher Tomer Peled discovered a design flaw in Kubernetes’ sidecar project git-sync that allows for command injection.
438 views
ISACARuSec
Американский NIST финализировали первые 3 стандарта пост квантовой криптографии. Пока только для электронной подписи.

https://www.nist.gov/news-events/news/2024/08/nist-releases-first-3-finalized-post-quantum-encryption-standards
NIST
NIST Releases First 3 Finalized Post-Quantum Encryption Standards
NIST is encouraging computer system administrators to begin transitioning to the new standards as soon as possible
438 viewsedited  
ISACARuSec
https://github.com/aquasecurity/traceeshark
GitHub
GitHub - aquasecurity/traceeshark: Deep Linux runtime visibility meets Wireshark
Deep Linux runtime visibility meets Wireshark. Contribute to aquasecurity/traceeshark development by creating an account on GitHub.
778 views