threat-mitigation – Page 6 – WindowsTechs.com

Secure interaction between UI and privileged service

Posted on April 26, 2019 by vkrzv

Suppose I have a low privileged UI running under a local user account and a high privileged service running under a SYSTEM account. What are the best practices to implement interaction between them? For example, how do I secu… Continue reading Secure interaction between UI and privileged service→

How can I mitigate the possibility of SSL private key being copied without my knowledge?

Posted on April 26, 2019 by duggulous

OCSP stapling and Certificate Transparency logs seem to provide a pretty good defense against man-in-the-middle attacks if I discover that my private key has been stolen. I can revoke my old certificate and switch to a new o… Continue reading How can I mitigate the possibility of SSL private key being copied without my knowledge?→

What is the difference between Anti – APT (Advanced Persistent Threat) and ATP (Advanced Threat Protection)?

Posted on April 12, 2019 by Regmi

Like the question says, is it the naming difference only or are they entirely different?

Continue reading What is the difference between Anti – APT (Advanced Persistent Threat) and ATP (Advanced Threat Protection)?→

Do programs run in Linux in Wine benefit rom DEP and ASLR?

Posted on February 28, 2019 by KOLANICH

Do programs run in Linux in Wine benefit from mitigation techniques DEP and ASLR?

Continue reading Do programs run in Linux in Wine benefit rom DEP and ASLR?→

Will removing the harddrive from a computer protect it from persistent malware?

Posted on February 1, 2019 by user942937

If I took a clean computer/laptop and removed the harddrive, lock the BIOS with a password, then did all my work from a live OS like Knoppix, will this help reduce the risk of persistent malware infection? Assuming the comput… Continue reading Will removing the harddrive from a computer protect it from persistent malware?→

Classification of countermeasures for family of vulnerabilities

Posted on January 15, 2019 by Ecterion

I would like to know if anyone of you has already read about some models that would classify a set of possible countermeasures against a family of vulnerabilities.

What I mean by a ‘family of vulnerabilities’ is, for example, vulnerabili… Continue reading Classification of countermeasures for family of vulnerabilities→

Happy Holidays! Here’s your Business Email Compromise (BEC) gift card scam

Posted on December 24, 2018 by Monnia Deng

Deck the hall with sad employees, Fa, la, la, la, la, la, la, la, la!
‘Tis the season to be swindled, Fa, la, la, la, la, la, la, la, la!
The post Happy Holidays! Here’s your Business Email Compromise (BEC) gift card scam appeared … Continue reading Happy Holidays! Here’s your Business Email Compromise (BEC) gift card scam→

How to reuse a rewritable DVD from an unknown source?

Posted on November 16, 2018 by Zach Boyd

I have a used rewritable DVD that I want to wipe and use to store new data. The DVD has been written to before by someone I don’t know and can’t necessarily trust. Is there a safe way to use the disk? I can do this in either … Continue reading How to reuse a rewritable DVD from an unknown source?→

Why would IPS vendor provider refuse to publish SLAs to fix the published highly ranked CVEs?

Posted on October 14, 2018 by Filopn

One of the biggest IPS providers (top of Gartner graph for its category) is not providing SLAs for all the 7+ ranking CVEs published last year. I don’t really understand why would they refuse to provide SLAs for the published… Continue reading Why would IPS vendor provider refuse to publish SLAs to fix the published highly ranked CVEs?→

TVRA does it cover physical, cyber and information security?

Posted on October 12, 2018 by Jaya Anand V

For that matter is TVRA only linked to security?

Can it be used to assess, evaluate all or any situation and from there, come up with control measures?

Continue reading TVRA does it cover physical, cyber and information security?→