#DiyakoSecureBow
————————————
Cybersecurity Playbook for SOC
1. Attack utilizing a known vulnerability
An attacker utilizing a known vulnerability has been detected.
Detection:
• Network detection from IDS/IPS/network threat detection capability
• Endpoint detection from the targeted host
Verification:
• The event is validated against the asset list. If the known vulnerable software/hardware is not present on the targeted asset, the event should be marked as a false positive. If an accurate asset list is not available 😶, this verification needs to be done manually by the support team of the targeted asset.
• The event is correlated with the endpoint security software (EDR/XDR) to confirm whether the attack was successful or not.
Communication:
• For successful attacks, start triage using attack and asset criticality information. Perform escalation according to the triage results and the predefined escalation plan.
• For unsuccessful attacks and false positives, no immediate communication is required.
Action:
• For successful attacks, perform containment on affected hosts. Run a vulnerability scan for the same vulnerability across all IT assets.
• There can be different containment strategies according to the business criticality of the asset. They range from auto-containment and cutting the asset off completely from the network to milder limited connectivity to selected IPs and ports. The strategy to apply requires discussion between SOC, risk management, and business teams.
• For unsuccessful attacks, add to the backlog to study why and what additional actions are required.
• For false positives, log as statistics.
-Business Secure Continuity-
1402.07.20
——————————————————
#SOC #Splunk #CSIRT
#BusinessSecureContinuity
https://www.linkedin.com/posts/diyako-secure-bow_%DB%8C%DA%A9%DB%8C-%D8%A7%D8%B2-%DA%86%D8%A7%D9%84%D8%B4-%D9%87%D8%A7%DB%8C-%D9%BE%D8%B1-%D8%B1%D9%86%DA%AF-%D8%AD%D9%88%D8%B2%D9%87-%D8%A7%D9%85%D9%86%DB%8C%D8%AA-%D8%B3%D8%A7%DB%8C%D8%A8%D8%B1%DB%8C-activity-7118267709930242049--jHc
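The verification, communication and action steps of the playbook above can be expressed as one triage function. This is an added example, not part of the original post; the host names, the CVE placeholder, the EDR verdict strings, the handling of a missing EDR verdict and the criticality-to-containment mapping are all assumptions made for illustration.

```python
from collections import Counter
from dataclasses import dataclass

# Constructed sample data: hosts, the CVE placeholder and verdicts are illustrative.
CVE = "CVE-EXAMPLE-0001"
ASSETS = {  # asset list: known vulnerable software per host, plus business criticality
    "web01": {"vulnerable_to": {CVE}, "criticality": "high"},
    "hr-laptop7": {"vulnerable_to": {CVE}, "criticality": "low"},
    "db02": {"vulnerable_to": set(), "criticality": "high"},
}
EDR_VERDICTS = {  # (host, cve) -> outcome reported by the endpoint agent (EDR/XDR)
    ("web01", CVE): "compromised",
    ("hr-laptop7", CVE): "blocked",
}
ALERTS = [  # detections from IDS/IPS or the targeted host
    {"host": "web01", "cve": CVE},
    {"host": "hr-laptop7", "cve": CVE},
    {"host": "db02", "cve": CVE},
    {"host": "lab-printer", "cve": CVE},  # not present in the asset list
]
# Assumed policy. The playbook leaves the real mapping to a discussion between
# SOC, risk management and business teams.
CONTAINMENT = {
    "low": "isolate_from_network",
    "high": "limit_to_selected_ips_and_ports",
}


@dataclass
class Disposition:
    host: str
    verdict: str         # successful | unsuccessful | false_positive | manual_verification
    communication: str   # who hears about it now
    actions: list        # follow-up work items


def triage(alert, assets, edr_verdicts):
    """Apply the playbook's verification, communication and action steps to one alert."""
    host, cve = alert["host"], alert["cve"]
    asset = assets.get(host)
    if asset is None:
        # No accurate asset record: the asset's support team verifies manually.
        return Disposition(host, "manual_verification", "asset_support_team",
                           [f"verify_manually:{host}"])
    if cve not in asset["vulnerable_to"]:
        # Vulnerable software/hardware is not present on the target.
        return Disposition(host, "false_positive", "none", ["log_statistic"])
    edr = edr_verdicts.get((host, cve))
    if edr == "compromised":
        mode = CONTAINMENT.get(asset["criticality"], "isolate_from_network")
        return Disposition(host, "successful", f"escalate:{asset['criticality']}",
                           [f"contain:{mode}", f"scan_all_assets:{cve}"])
    if edr == "blocked":
        return Disposition(host, "unsuccessful", "none", ["add_to_backlog"])
    # Assumption: with no EDR verdict the outcome is unknown, so a human confirms it.
    return Disposition(host, "manual_verification", "asset_support_team",
                       [f"confirm_edr_outcome:{host}"])


def run_playbook(alerts, assets, edr_verdicts):
    """Triage every alert and keep per-verdict counts for the statistics log."""
    results = [triage(a, assets, edr_verdicts) for a in alerts]
    stats = Counter(r.verdict for r in results)
    return results, stats


if __name__ == "__main__":
    results, stats = run_playbook(ALERTS, ASSETS, EDR_VERDICTS)
    for r in results:
        print(f"{r.host:12} {r.verdict:20} {r.communication:20} {r.actions}")
    print(dict(stats))
```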
🔐 Protect your organization's data! Password security is crucial. Discover the risks of password reuse and how to mitigate them with Specops Password Policy.
Read:
https://thehackernews.com/2023/10/take-offensive-approach-to-password.html
⚠️ Adobe Acrobat Reader users, beware! CISA adds high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities list.
Read:
https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html
Don't wait – update your software now.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.20
IoT Security
IoT Secure Development Guide
https://www.pentestpartners.com/security-blog/iot-secure-development-guide
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.20
Pen Test Partners
IoT Secure Development Guide | Pen Test Partners
Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and the pitfalls we find in embedded designs, have been highlighted…
🛡️ Microsoft's October 2023 Patch Tuesday: 103 new vulnerabilities addressed, including 2 zero-days and 13 critical ones.
Find details for CVE-2023-36563 and CVE-2023-41763 and other flaws here — https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html
Update now to protect your systems.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.21
tools
WebApp Security
SocketSleuth - Burp Suite Extension for websocket testing
https://github.com/snyk/socketsleuth
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.21
tools
Cloud Security
KubeHound - Kubernetes attack graph tool allowing automated calculation of attack paths between assets in a cluster
https://github.com/DataDog/KubeHound
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.22
DFIR
Cross-Tenant Impersonation: Prevention and Detection
https://lnkd.in/eJfVX8yV
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.22
#DiyakoSecureBow
————————————
Why incident response is so critical:
Ransomware is overtaking money theft and other impacts as a more convenient monetization scheme with much broader industry coverage (not just the financial sector). We can confidently classify most incidents with causes before impact (suspicious events, tool alerts, etc.) as ransomware.
Vulnerability Exploitation:
In all cases when exploiting vulnerabilities was used as the initial vector, the main damage is data encryption. The most prevalent vulnerability in our data set is the list of vulnerabilities related to Microsoft Exchange Server (CVE-2021-26855, CVE-2021-34523).
Top initial compromise vectors and how long the attack went unnoticed:
In most cases where initial access wasn’t identified, the attack lasted for more than a year before being detected by the organization, by which time no artefacts were left to analyze due to log rotation policies. More than half of all attacks that started with malicious e-mails, stolen credentials or external application exploitation were detected in hours or days.
Legitimate tools in MITRE ATT&CK®
In most cases, security teams can mitigate the initial vector of attack with prevention solutions. The most prevalent vectors of attack (exploitation of public-facing applications, compromised accounts, malicious e-mail) could have been mitigated with timely patch management and implementation of multifactor authentication, solutions with anti-phishing software to defend against phishing attacks, and implementation of security awareness training for employees.
-Business Secure Continuity-
1402.07.23
——————————————————
#MDR #NDR #EDR #Malware
#BusinessSecureContinuity
https://www.linkedin.com/feed/update/activity:7119244412445933568
Fast Detection, Fast Respond
PSIRT Advisories
FortiOS - Plain-text credentials in GET request via SSL VPN web portal
Summary
A use of GET request method with sensitive query strings vulnerability [CWE-598] in the FortiOS SSL VPN component may allow an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services (found in logs, referers, caches, etc.).
Affected Products
FortiOS version 7.4.0
FortiOS version 7.2.0 through 7.2.5
FortiOS version 7.0.0 through 7.0.12
Solutions
Please upgrade to FortiOS version 7.4.1 or above
Please upgrade to FortiOS version 7.2.6 or above
Please upgrade to upcoming FortiOS version 7.0.13 or above
Timeline
2023-09-29: Initial publication
https://www.fortiguard.com/psirt/FG-IR-23-120
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.24
https://www.linkedin.com/posts/alirezaghahrood_fast-detection-fast-respond-psirt-advisories-activity-7119431492211982336-USm7
#DiyakoSecureBow
————————————
Don’t have time to read the full report?
Here are a few findings you won’t want to miss.
The highest volume of critical and high-severity vulnerabilities were discovered within the government and nonprofit industry.
During analysis, we found a few key observations, including:
• Web applications have the highest volume of high and critical vulnerabilities of all types of tests that NetSPI performs. This is likely due to the high exposure of internet facing web applications and that there are more web application penetration tests performed than any other assessment. Not to mention web application pentesting is in NetSPI’s DNA and our methodology is very collaborative to fully prove out vulnerabilities and demonstrate their full impact.
• Access Control issues are top findings for all three application penetration tests. While validating authorization prior to access of functionality or data differs depending on application technology, the importance of performing this check is crucial to the confidentiality, integrity, and availability of the data.
• Many of the vulnerabilities listed here require human-driven pentesting to discover. As applications and APIs become more complex, human intuition and understanding will become even more essential to root out security weaknesses in business logic, cross-application interactions, and authorization controls. NetSPI’s testing methodology focuses on these complex and high risk issues to identify vulnerabilities that automated tools are unable to correctly identify.
By NetSPI
Special Thanks ✌ Aaron Shilts, other teammates ❤️
-Business Secure Continuity-
1402.07.24
——————————————————
#API #Pentest #Offensive #redTeam #Misconfiguration
#BusinessSecureContinuity
https://www.linkedin.com/feed/update/activity:7119509760957128704
IoT Security
IoT Bug Bounty Hunting
Part 1: https://bugprove.com/knowledge-hub/iot-bug-bounty-hunting-using-bug-prove
Part 2: https://bugprove.com/knowledge-hub/iot-bug-hunting-part-2-walkthrough-of-discovering-command-injections-in-firmware-binaries
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.24
Excited to announce I’m #OpenForBusiness and providing services on LinkedIn. Check out my services page for Cybersecurity, IT Consulting, Corporate Events, Non-profit Consulting, Corporate Training, Public Speaking, Team Building, Executive Coaching, Online Research and Information Security.
https://www.linkedin.com/posts/alirezaghahrood_openforbusiness-ugcPost-7120083005343154176-QsSE
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.25
Offensive security
Red Team Tactics
A Hitch-hacker's Guide to DACL-Based Detections
Part 1A: https://trustedsec.com/blog/a-hitchhackers-guide-to-dacl-based-detections-part-1-a
Part 1B: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-part-1b
Part 2: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-part-2
Part 3: https://trustedsec.com/blog/a-hitch-hackers-guide-to-dacl-based-detections-part-3
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.26
blue team
exploit
1. CVE-2023-20198:
Cisco IOS XE Software Web Management User Interface Vulnerability
https://blog.talosintelligence.com/active-exploitation-of-cisco-ios-xe-software
Checkscript: https://github.com/Atea-Redteam/CVE-2023-20198
2. CVE-2023-36728:
Windows SQL Server Pre-Auth Overflow Read
https://v-v.space/2023/10/16/sqlserver-dos-CVE-2023-36728
3. CVE-2023-38545:
Socks5 heap buffer overflow
https://github.com/d0rb/CVE-2023-38545
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.26
Cisco Talos
Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerabilities
Cisco has identified active exploitation of two previously unknown vulnerabilities in the Web User Interface (Web UI) feature of Cisco IOS XE software — CVE-2023-20198 and CVE-2023-20273 — when exposed to the internet or untrusted networks.
#DiyakoSecureBow
————————————
CISA Open Source Software Security Roadmap
Overview
The federal government, critical infrastructure, and state, local, tribal, and territorial (SLTT) governments greatly depend upon open source software (OSS). OSS is software for which the human-readable source code is made available to the public for use, study, re-use, modification, enhancement, and re-distribution. OSS is part of the foundation of software used across critical infrastructure, supporting every single critical infrastructure sector and every National Critical Function: one study found that 96% of studied codebases across various sectors contain open source code, and 76% of code in studied codebases was open source. Therefore, to fulfill CISA’s mission of understanding, managing, and reducing risks to the federal government and critical infrastructure, we must understand and protect the open source software that we rely upon.
As a public good, open-source software is supported by diverse and wide-ranging communities—which are composed of individual maintainers, non-profit software foundations, and corporate stewards. CISA must integrate into and support these communities, with a particular focus on the critical OSS components that the federal government and critical infrastructure systems rely upon. CISA recognizes the immense benefits of open source software, which enables software developers to work at an accelerated pace and fosters significant innovation and collaboration. With these benefits in mind, this roadmap lays out how CISA will help enable the secure usage and development of OSS, both within and outside the federal government. As detailed below, the roadmap centers on four key goals:
1) establishing CISA’s role in supporting the security of OSS,
2) understanding the prevalence of key open source dependencies,
3) reducing risks to the federal government, and
4) hardening the broader OSS ecosystem
-Business Secure Continuity-
1402.07.26
——————————————————
#CISA #FBI #NSA #CyberSecurity
#BusinessSecureContinuity
https://www.linkedin.com/posts/alirezaghahrood_os-software-sec-roadmap-2023-activity-7120291786693955585-4jZB
Design_Deploy_Secure_Azure.pdf
5.8 MB
Tech book
Cloud Security
Design and Deploy a Secure Azure Environment: Mapping the NIST Cybersecurity Framework to Azure Services, 2023.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.26
Cisco_Secure_Firewall_Hardening_Guide.pdf
297.7 KB
Hardening
Cisco Secure Firewall Management Center Hardening Guide Ver. 7.2 2023
Cisco Hardening Guides:
https://www.cisco.com/c/en/us/support/security/defense-center/products-installation-and-configuration-guides-list.html
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.26
iam_sec.pdf
17.5 MB
hardening
Tech book
Cloud Security
AWS Identity and Access Management User Guide 2023.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.26
Citrix is warning of active exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that can hijack sessions and bypass multi-factor authentication.
Learn more: https://thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html
Patch immediately and terminate active sessions.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.26
🕵️♂️ ALERT: Google TAG security experts uncover Russian and Chinese state-backed threat actors exploiting WinRAR vulnerability (CVE-2023-38831) to infiltrate systems.
Get details here: https://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
1402.07.27