Cyber for all - Page 8
This blog is a windows on a complex world. An overlook to the universe of technology which drives our daily life, using a divulgative and enjoyable perspective
MITRE ATT&CK: What tactics and techniques are cybercriminals employing?
MITRE ATT&CK is a framework that systematizes hostile actors’ tactics, techniques, and procedures If the Allies succeeded in carrying out a massive landing like Normandy,[...]
Read more
OWASP Top 10 Privacy Risks
OWASP Top 10 Privacy Risks serves as a guide to comprehensive data privacy management and securing data against criminals At the end of April, the Spanish Data Protection Agency (A[...]
Read more
Why does your company need ransomware simulations?
Red Team services can perform ransomware simulations to test whether an organization is prepared to withstand a ransomware attack The exploitation of a zero-day vulnerability, supp[...]
Read more
DNS Water Torture: how not to drown in this tsunami of requests
Through DNS Water Torture, attackers send an avalanche of requests to saturate the capacities of DNS servers and cause a denial of service Companies are the main target of many cyb[...]
Read more
EPSS: What is the probability of a vulnerability being exploited?
The EPSS indicator quantifies the probability of exploiting a given vulnerability in the next 30 days Every day, new vulnerabilities emerge that, if exploited, can lead to security[...]
Read more
Attack Path Management: Securing the Active Directory
Conti, SaveTheQueen, Quantum, Samas, Maze, Bublebee… In recent years, various ransomware have been used to attack companies’ Active Directory and spread through their s[...]
Read more
The 10 Keys to Ransomware as a Service
The rise of Ransomware as a Service has multiplied the number of potential attackers that companies and public administrations face Software as a Service (SaaS), Platform as a Serv[...]
Read more
The 6 keys to threat modeling
When we build a house, we want security to be considered by evaluating the ground on which it is built and how its foundations are planted. Otherwise, cracks will start to appear s[...]
Read more
4 key differences between Pentesting and Red Team
Pentesting and Red Team services differ in scope, how objectives are met, the need for concealment and execution time In a field as complex and constantly evolving as cybersecurity[...]
Read more
Blue Team: Strengthening the defence of a company
Blue Team is in charge of all the defensive layers of an organization to prevent, detect or correct security incidents that could affect the business 6 billion dollars a day. The C[...]
Read more