US Critical Infrastructure Companies Will Have to Report When They Are Hacked

This will be law soon:

Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress.

[…]

The reporting requirement legislation was approved by the House and the Senate on Thursday and is expected to be signed into law by President Joe Biden soon. It requires any entity that’s considered part of the nation’s critical infrastructure, which includes the finance, transportation and energy sectors, to report any “substantial cyber incident” to the government within three days and any ransomware payment made within 24 hours…


FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group

U.S. and U.K. government agencies called out Iranian government-affiliated hackers Thursday, accusing them of being behind cyber-espionage targeting the defense, local government, oil and natural gas and telecommunications sectors across the globe. The joint alert points a finger at MuddyWater, which the U.S. government for the first time last month attributed directly to Tehran. In the latest warning, the government agencies said that they have observed MuddyWater on the move in Africa, Asia, Europe and North America since 2018. “MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors,” reads the alert. The bulletin is the joint work of the FBI, Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the U.S. Cyber Command Cyber National Mission Force and the U.K.’s National Cyber Security Centre. MuddyWater has a long history of allegedly spying on primarily […]

The post FBI, CISA, Cyber Command take aim at cyber-espionage by Iran’s MuddyWater group appeared first on CyberScoop.


Labs for young students to learn cybersecurity / network sec [closed]

I am trying to find any resources available for middle-school / high-school students to gain exposure to basic cybersecurity / network security concepts. Anything that might include labs or guided exercises in a way that would be accessible…

Is not Electrum’s Seed Word Autocomplete a Theoretical Security Risk?

As the image below shows, when you try to restore an existing wallet from a seed (a sequence of 12 words), the program offers some autocomplete suggestions. Though I’m sure the risk is purely theoretical – in the sense that the number of p…

Are there any security architecture patterns in the same way there are software design patterns (GOF)?

So I’ve been googling around and couldn’t find an answer to my question (I don’t discount the option that I could be asking the wrong question after all).
I see there is a question that deals with something similar (Established Security De…

Iran-linked hackers targeted maritime and defense contractors, compromised Office 365 accounts

Hackers likely supporting Iranian national interests attempted to compromise U.S. and Israeli defense technology and global maritime companies, Microsoft researchers shared Monday. The attacks, which began in July, targeted the Office 365 accounts of more than 250 Microsoft users, the company said. Fewer than 20 of the targeted victims were successfully compromised, according to a security alert. Other targeted industries included defense companies supporting the European Union, geographic information systems and regional ports in the Persian Gulf. Hackers attempted to break into the accounts using a technique called “password spraying” in which hackers rapidly cycle through different passwords in an effort to access an account. Microsoft researchers say the “activity likely supports the national interests of the Islamic Republic of Iran” and the attacks’ techniques and targets align with other Iran-sponsored campaigns. “Microsoft assesses this targeting supports Iranian government tracking of adversary security services and maritime shipping in the Middle […]

The post Iran-linked hackers targeted maritime and defense contractors, compromised Office 365 accounts appeared first on CyberScoop.
