Cyber Security Informer

CIS Control 4: Secure Configuration of Enterprise Assets and Software

Security Boulevard

SEPTEMBER 15, 2021

Key Takeaways for Control 4 Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. The post CIS Control 4: Secure Configuration of Enterprise Assets and Software appeared first on The State of Security.

Software

Analysis of the 2021 Verizon Data Breach Report (DBIR)

Daniel Miessler

MAY 19, 2021

A definitions reminder: Incident : A security event that compromises the integrity, confidentiality or availability of an information asset. They map to the CIS controls for recommendations. Organized crime made up over 80% of threat actors, with other categories—including State Actor—having very little showing.

Data breaches

Data breaches Social Engineering Ransomware Phishing

Implementing Effective Compliance Testing: A Comprehensive Guide

Centraleyes

NOVEMBER 23, 2023

At the heart of every organization’s pursuit of compliance lies the critical need to meet regulatory expectations and consistently maintain that state of compliance. It serves as a cornerstone in auditing, primarily concerned with evaluating the effectiveness of controls related to regulatory risks.

Education

Education Policy Compliance Digital transformation Risk

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The 5 C’s of Audit Reporting

Centraleyes

MARCH 12, 2024

What is a Security Audit? At its core, an audit systematically examines an organization’s processes, controls, and practices. In cybersecurity, audit management involves assessing the effectiveness of security measures, identifying vulnerabilities, and ensuring compliance with industry standards and regulations.

Risk

Risk Cybersecurity Government Firewall

CIS 18 Critical Security Controls Version 8

NopSec

AUGUST 16, 2022

The CIS Security Controls, published by SANS and the Center for Internet Security (SIS) and formerly known as the SANS 20 Critical Security Controls , are prioritized mitigation steps that your organization can use to improve cybersecurity.

Penetration Testing

Penetration Testing Social Engineering Firewall Software

5 Application Security Standards You Should Know

Security Boulevard

DECEMBER 21, 2021

It shouldn’t be surprising that application security has become more important over the last few years. 57% of reported financial losses for the largest web application incidents over the last 5 years were attributed to state-affiliated threat actors. OWASP Application Security Verification Standard (ASVS). Access control.

Software

Software Architecture Risk Penetration Testing

The Godfather Banking Trojan Expands Application Targeting to Affect More Europe-Based Victims

Security Boulevard

JANUARY 26, 2023

Figure 4 - Malware code which uses the VNC viewer to control the device screen and steal victim data. Godfather malware includes banking trojans used by different threat actors to target Android mobile devices. Initial variants were reported beginning of March 2021. (1) Figure 2 shows an example of this lure.

Banking

Banking Malware Cryptocurrency Mobile

How ransomware gangs are connected, sharing resources and tactics

Malwarebytes

APRIL 12, 2021

This is the overall finding of Jon DiMaggio, known cybersecurity luminary and Chief Security Strategist for Analyst1, a threat intelligence company. SunCrypt was found using IP addresses and Command and Control infrastructure tied to Twisted Spider to deliver the ransomware payload in its campaigns. Shared infrastructure.

Ransomware

Ransomware Malware Media Cybersecurity

IT threat evolution in Q2 2023

SecureList

AUGUST 30, 2023

Mobile statistics Targeted attacks Gopuram backdoor deployed through 3CX supply-chain attack Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program, was used in a high-supply-chain attack. When we reviewed our telemetry on the campaign, we found a DLL on one of the computers, named guard64.dll,

Malware

Malware Spyware Cryptocurrency Government

Vulnerability Management Policy: Steps, Benefits, and a Free Template

eSecurity Planet

MAY 12, 2023

External Vulnerability Management Requirements Every organization faces general or specific regulations from international, federal, state, or local governments. For example, for the CIS Critical Security Controls , the requirements are broad: 7.1 and industry standards.

Penetration Testing

Penetration Testing Risk Cybersecurity Government

Okta: Breach Affected All Customer Support Users

Krebs on Security

NOVEMBER 29, 2023

“All Okta Workforce Identity Cloud (WIC) and Customer Identity Solution (CIS) customers are impacted except customers in our FedRamp High and DoD IL4 environments (these environments use a separate support system NOT accessed by the threat actor),” Okta’s advisory states. When KrebsOnSecurity broke the news on Oct.

Authentication

Authentication Accountability Antivirus Passwords

Establishing Security Maturity Through CIS Cyber Defense Framework

McAfee

APRIL 20, 2020

Introduction – Choosing the Right Security Controls Framework. Organizations are increasingly finding themselves caught in the “ security war of more ” where Governance, Risk and Compliance regimes, compounded by vendor solution fragmentation, have resulted in tick-box security.

Architecture

Architecture Risk Data breaches Cyber threats

BloodyStealer and gaming assets for sale

SecureList

SEPTEMBER 27, 2021

Not functional in the CIS. Earlier this year, we covered the threats related to gaming , and looked at the changes from 2020 and the first half of 2021 in mobile and PC games as well as various phishing schemes that capitalize on video games. This tendency is not unique to PC or mobile games or to the gaming industry as a whole.

Accountability

Accountability Marketing Phishing Malware

CIS Control 6: Access Control Management

Security Boulevard

SEPTEMBER 29, 2021

CIS Control 6 merges some aspects of CIS Control 4 (admin privileges) and CIS Control 14 (access based on need to know) into a single access control management group. The post CIS Control 6: Access Control Management appeared first on The State of Security.

Tomiris called, they want their Turla malware back

SecureList

APRIL 24, 2023

Introduction We introduced Tomiris to the world in September 2021, following our investigation of a DNS-hijack against a government organization in the Commonwealth of Independent States (CIS). The threat actor targets government and diplomatic entities in the CIS.

Malware

Malware DNS Government Software

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and the pitfalls we find in embedded designs, have been highlighted so that a finished product is as secure as it can be. Identity 4.

IoT

IoT Firmware Mobile Manufacturing

Analysis of BlackByte Ransomware’s Go-Based Variants

Security Boulevard

MAY 3, 2022

In early versions of the ransomware, file encryption utilized a hardcoded 1,024-bit RSA public key along with a 128-bit AES key that was derived from a file retrieved from a command and control server. Disable Controlled Folder Access. Introduction. Previous versions of the ransomware were written in C#. Technical Analysis.

Encryption

Encryption Ransomware Antivirus Backups

IT threat evolution Q1 2021

SecureList

MAY 31, 2021

In our initial report on Sunburst , we examined the method used by the malware to communicate with its C2 (command-and-control) server and the protocol used to upgrade victims for further exploitation. One thing that sets this campaign apart from others, is the peculiar victim profiling and validation scheme.

Malware

Malware Adware Encryption Architecture

RM3 – Curiosities of the wildest banking malware

Fox IT

MAY 4, 2021

In this post we provide some history, analysis and observations on this most pernicious family of banking malware targeting Oceania, the UK, Germany and Italy. We’ll start with an overview of its origins and current operations before providing a deep dive technical analysis of the RM3 variant. Introduction.

Banking

Banking Malware Encryption Architecture

Cyber Security Informer

CIS Control 4: Secure Configuration of Enterprise Assets and Software

Analysis of the 2021 Verizon Data Breach Report (DBIR)

Webinars

Trending Sources

Implementing Effective Compliance Testing: A Comprehensive Guide

Webinars

The 5 C’s of Audit Reporting

CIS 18 Critical Security Controls Version 8

5 Application Security Standards You Should Know

The Godfather Banking Trojan Expands Application Targeting to Affect More Europe-Based Victims

How ransomware gangs are connected, sharing resources and tactics

IT threat evolution in Q2 2023

Vulnerability Management Policy: Steps, Benefits, and a Free Template

Okta: Breach Affected All Customer Support Users

Establishing Security Maturity Through CIS Cyber Defense Framework

BloodyStealer and gaming assets for sale

CIS Control 6: Access Control Management

Tomiris called, they want their Turla malware back

IoT Secure Development Guide

Analysis of BlackByte Ransomware’s Go-Based Variants

IT threat evolution Q1 2021

RM3 – Curiosities of the wildest banking malware

Stay Connected