Cyber for all - Page 4

This blog is a window on a complex world: an overview of the universe of technology that drives our daily life, from an informative and enjoyable perspective.

EPSS: What is the probability of a vulnerability being exploited?

The EPSS indicator quantifies the probability of exploiting a given vulnerability in the next 30 days. Every day, new vulnerabilities emerge that, if exploited, can lead to security[...]

Attack Path Management: Securing the Active Directory

Conti, SaveTheQueen, Quantum, Samas, Maze, Bumblebee… In recent years, various ransomware have been used to attack companies’ Active Directory and spread through their s[...]

The 10 Keys to Ransomware as a Service

The rise of Ransomware as a Service has multiplied the number of potential attackers that companies and public administrations face. Software as a Service (SaaS), Platform as a Serv[...]

The 6 keys to threat modeling

When we build a house, we want security to be considered by evaluating the ground on which it is built and how its foundations are planted. Otherwise, cracks will start to appear s[...]

4 key differences between Pentesting and Red Team

Pentesting and Red Team services differ in scope, how objectives are met, the need for concealment and execution time. In a field as complex and constantly evolving as cybersecurity[...]

Blue Team: Strengthening the defence of a company

Blue Team is in charge of all the defensive layers of an organization to prevent, detect or correct security incidents that could affect the business. 6 billion dollars a day. The C[...]

Cyber Kill Chain. Dissecting the 7 phases of a targeted cyber attack

On March 5, a ransomware attack managed to hijack patient data at the Hospital Clínic in Barcelona, one of Spain’s most important medical centers. This led to the cancellati[...]

NIST and secure software development

Security is not merely a one-time issue but an ongoing one. For example, a house may be secure at the time of its construction, but if, over the years, it is not diligently cared f[...]

OWASP SCVS: Reducing Risks in the Software Supply Chain

OWASP SCVS is a useful methodology for preventing supply chain attacks throughout the software lifecycle. At the end of January, the LockBit ransomware successfully impacted ION Tra[...]

Improving APT resilience

APT Resilience Enhancement combines offensive and defensive capabilities to optimize an organization’s defensive layers. APT, or advanced persistent threat, has become increas[...]
