threat modeling – Page 10 – WindowsTechs.com

Could you anonymously upload a file on the internet if the threat model was the entire world trying to find your identity after you do so? [on hold]

Posted on November 19, 2019 by Tom

Thought experiment: You need to upload a file, and the threat model is the entire world trying to find out who you are after you do so.

I know this is absurd, but bear with me, it’s a thought experiment, where the scenario i… Continue reading Could you anonymously upload a file on the internet if the threat model was the entire world trying to find your identity after you do so? [on hold]→

Malware Threat Hunting in Airport Systems – KPIs/Metrics to Track [on hold]

Posted on November 6, 2019 by SamRoy

I am trying to figure out how to detect potential threats from malwares in various systems installed in the airport.

To be specific, my focus is on the following systems in airports:

Baggage Handling System (BHS)
X-ray mac… Continue reading Malware Threat Hunting in Airport Systems – KPIs/Metrics to Track [on hold]→

Threat modelling workshop materials focusing on threat actor profiles [on hold]

Posted on October 16, 2019 by user78692

A while back I went to a threat modelling workshop that had a card deck with various actors, their motivations, and their methods.

I found this extremely helpful to frame the discussion around the probability / motivation … Continue reading Threat modelling workshop materials focusing on threat actor profiles [on hold]→

Find ATP Groups based on industry

Posted on October 4, 2019 by Nippon87

I’m trying to find a good site or DB where you can find threat groups based on industry.
Ex: Search for retail and it pulls up ATP1, ATP87, ATP43, etc.

I’ve found SOME sites like mitre attack, fire eye, but none of them all… Continue reading Find ATP Groups based on industry→

Cyber Security Threats – Paul Claxton – ESW #156

Posted on October 3, 2019 by Security Weekly Productions

Cyber Security Threats
The post Cyber Security Threats – Paul Claxton – ESW #156 appeared first on Security Weekly. Continue reading Cyber Security Threats – Paul Claxton – ESW #156→

Should the average user with no special access rights be worried about SMS-based 2FA being theoretically interceptable?

Posted on September 20, 2019 by Nzall

Security experts are constantly discouraging users from using SMS-based 2FA systems, usually because of worries the auth code could be intercepted by an attacker, either through a SIM swap or a MitM attack.

The problem I see… Continue reading Should the average user with no special access rights be worried about SMS-based 2FA being theoretically interceptable?→

Coresecurity, Endgame, & Edgewise – ESW #150

Posted on August 22, 2019 by Security Weekly Productions

Coresecurity, Endgame, & Edgewise
The post Coresecurity, Endgame, & Edgewise – ESW #150 appeared first on Security Weekly. Continue reading Coresecurity, Endgame, & Edgewise – ESW #150→

OWASP Appsec Tel Aviv 2019, Isaiah Sarju’s ‘How Online Dating Made Me Better At Threat Modeling’

Posted on August 15, 2019 by Marc Handelman

Isaiah Sarju is a Co-Owner of Revis Solutions
Permalink
The post OWASP Appsec Tel Aviv 2019, Isaiah Sarju’s ‘How Online Dating Made Me Better At Threat Modeling’ appeared first on Security Boulevard.
Continue reading OWASP Appsec Tel Aviv 2019, Isaiah Sarju’s ‘How Online Dating Made Me Better At Threat Modeling’→

Logic Board Manufacturers [Legitemate] are working on this issue some of them? True or False?

Posted on August 15, 2019 by Xybrid

CRC Values on Logic Board that are Genuine? Abort, Retry Fail, Ignore? CRC Values on these Boards… Can they Bet modified internationally? What do you think?

Continue reading Logic Board Manufacturers [Legitemate] are working on this issue some of them? True or False?→

OWASP Appsec Tel Aviv 2019, Izar Tarandach’s ‘What Do You Mean Threat Model Every Story’

Posted on August 14, 2019 by Marc Handelman

Izar Tarandach is a Lead Product Security Architect at Autodesk
Permalink
The post OWASP Appsec Tel Aviv 2019, Izar Tarandach’s ‘What Do You Mean Threat Model Every Story’ appeared first on Security Boulevard.
Continue reading OWASP Appsec Tel Aviv 2019, Izar Tarandach’s ‘What Do You Mean Threat Model Every Story’→