Cyber for all - Page 9
This blog is a windows on a complex world. An overlook to the universe of technology which drives our daily life, using a divulgative and enjoyable perspective
OWASP API Security Top 10
The OWASP API Security Top 10 highlights the top vulnerabilities in application programming interfaces Few acronyms are more relevant to explain the digitization of our world than [...]
Read more
Detecting emerging vulnerabilities before they are exploited
Companies must detect emerging vulnerabilities affecting their assets and anticipate the actions of cybercriminals In May, Barracuda, a company specializing in security solutions f[...]
Read more
MITRE ATT&CK: What tactics and techniques are cybercriminals employing?
MITRE ATT&CK is a framework that systematizes hostile actors’ tactics, techniques, and procedures If the Allies succeeded in carrying out a massive landing like Normandy,[...]
Read more
OWASP Top 10 Privacy Risks
OWASP Top 10 Privacy Risks serves as a guide to comprehensive data privacy management and securing data against criminals At the end of April, the Spanish Data Protection Agency (A[...]
Read more
Why does your company need ransomware simulations?
Red Team services can perform ransomware simulations to test whether an organization is prepared to withstand a ransomware attack The exploitation of a zero-day vulnerability, supp[...]
Read more
DNS Water Torture: how not to drown in this tsunami of requests
Through DNS Water Torture, attackers send an avalanche of requests to saturate the capacities of DNS servers and cause a denial of service Companies are the main target of many cyb[...]
Read more
EPSS: What is the probability of a vulnerability being exploited?
The EPSS indicator quantifies the probability of exploiting a given vulnerability in the next 30 days Every day, new vulnerabilities emerge that, if exploited, can lead to security[...]
Read more
Attack Path Management: Securing the Active Directory
Conti, SaveTheQueen, Quantum, Samas, Maze, Bublebee… In recent years, various ransomware have been used to attack companies’ Active Directory and spread through their s[...]
Read more
The 10 Keys to Ransomware as a Service
The rise of Ransomware as a Service has multiplied the number of potential attackers that companies and public administrations face Software as a Service (SaaS), Platform as a Serv[...]
Read more
The 6 keys to threat modeling
When we build a house, we want security to be considered by evaluating the ground on which it is built and how its foundations are planted. Otherwise, cracks will start to appear s[...]
Read more