Cyber for all - Page 8

This blog is a windows on a complex world. An overlook to the universe of technology which drives our daily life, using a divulgative and enjoyable perspective

SSVC: How to make decisions about IT vulnerabilities
SSVC: How to make decisions about IT vulnerabilities

SSVC is a system that helps to analyze vulnerabilities to make decisions that prevent security incidents and contain their consequences The BBC, British Airways, the US Department [...]

Read more
What are advanced persistent threats?
What are advanced persistent threats?

Advanced persistent threat groups seek to access critical information and destabilize companies in critical sectors and public administrations The era of the cautious and silent sp[...]

Read more
OWASP API Security Top 10
OWASP API Security Top 10

The OWASP API Security Top 10 highlights the top vulnerabilities in application programming interfaces Few acronyms are more relevant to explain the digitization of our world than [...]

Read more
Detecting emerging vulnerabilities before they are exploited
Detecting emerging vulnerabilities before they are exploited

Companies must detect emerging vulnerabilities affecting their assets and anticipate the actions of cybercriminals In May, Barracuda, a company specializing in security solutions f[...]

Read more
MITRE ATT&CK: What tactics and techniques are cybercriminals employing?
MITRE ATT&CK: What tactics and techniques are cybercriminals employing?

MITRE ATT&CK is a framework that systematizes hostile actors’ tactics, techniques, and procedures If the Allies succeeded in carrying out a massive landing like Normandy,[...]

Read more
OWASP Top 10 Privacy Risks
OWASP Top 10 Privacy Risks

OWASP Top 10 Privacy Risks serves as a guide to comprehensive data privacy management and securing data against criminals At the end of April, the Spanish Data Protection Agency (A[...]

Read more
Why does your company need ransomware simulations?
Why does your company need ransomware simulations?

Red Team services can perform ransomware simulations to test whether an organization is prepared to withstand a ransomware attack The exploitation of a zero-day vulnerability, supp[...]

Read more
DNS Water Torture: how not to drown in this tsunami of requests
DNS Water Torture: how not to drown in this tsunami of requests

Through DNS Water Torture, attackers send an avalanche of requests to saturate the capacities of DNS servers and cause a denial of service Companies are the main target of many cyb[...]

Read more
EPSS: What is the probability of a vulnerability being exploited?
EPSS: What is the probability of a vulnerability being exploited?

The EPSS indicator quantifies the probability of exploiting a given vulnerability in the next 30 days Every day, new vulnerabilities emerge that, if exploited, can lead to security[...]

Read more
Attack Path Management: Securing the Active Directory
Attack Path Management: Securing the Active Directory

Conti, SaveTheQueen, Quantum, Samas, Maze, Bublebee… In recent years, various ransomware have been used to attack companies’ Active Directory and spread through their s[...]

Read more
1 5 6 7 8 9 10 11 14