Can zero trust kill our need to talk about locations?

As security professionals, we have acknowledged for over a decade that our data resides outside our network. Yet, we still talk about strategies for protecting the enterprise vs cloud infrastructure, or access management for branch offices vs remote wo…

5 Things to Do with MITRE ATT&CK – Tips and Tricks Special

MITRE ATT&CK stands for MITRE Adversarial Tactics, Techniques and Common Knowledge. It’s a curated knowledge base of adversarial behavior based on real-world observation of APT campaigns. The original impetus for the project was to answer the quest…

48 recommendations for a global fight against ransomware

The Institute for Security and Technology’s Ransomware Task Force (RTF) has released a comprehensive strategic framework to help worldwide organizations fight against ransomware and will be delivering it to the U.S. President’s team. The 81…

Cybersecurity guide for the hospitality industry

A practical cybersecurity guide from the National Institute of Standards and Technology (NIST) can help hotel owners reduce the risks to a highly vulnerable and attractive target for hackers: the hotel property management system (PMS), which stores gue…

NIST Cybersecurity Framework – The Key to Critical Infrastructure Cyber Resiliency

In the digital age, organizations and the missions and business processes they support rely on information technology and information systems to achieve their mission and business objectives. Not only is technology used to efficiently enable businesses…

Using Qiling Framework to Unpack TA505 packed samples

Threat Actors make use of packers when distributing their malware as they remain an effective way to evade detection and to make t…

Google Rolls Out Fixes for High-Severity Android System Flaws

The most serious bugs are elevation-of-privilege issues in the Android System component (CVE-2020-0215 and CVE-2020-0416).

MITRE Shield shows why deception is security’s next big thing

Seasoned cybersecurity pros will be familiar with MITRE. Known for its MITRE ATT&CK framework, MITRE helps develop threat models and defensive methodologies for both the private and public sector cybersecurity communities. MITRE recently added to …

WordPress and Apache Struts weaponized vulnerabilities on the rise

Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to RiskSense. Among the report’s key findings, total framework vulnerabilities in…