cissp | Unsorted

Telegram channel cissp - cissp


@cissp International channel 4 Transmission Knowledge In the Field of Cyber Security with a Focus on the Content of the CISSP-ISC2 Course - - - - - - - - - - +also group: https://t.me/cisspgroup ————————— @alirezaghahrood


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

CYBERSECURITY ADVISORY
Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Alert CodeAA21-200

Summary
This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identify and remediate APT40 intrusions and established footholds.

APT40—aka BRONZE MOHAWK, FEVERDREAM, G0065, Gadolinium, GreenCrash, Hellsing, Kryptonite Panda, Leviathan, MUDCARP, Periscope, Temp.Periscope, and Temp.Jumper—is located in Haikou, Hainan Province, People’s Republic of China (PRC), and has been active since at least 2009. APT40 has targeted governmental organizations, companies, and universities in a wide range of industries—including biomedical, robotics, and maritime research—across the United States, Canada, Europe, the Middle East, and the South China Sea area, as well as industries included in China’s Belt and Road Initiative.
On July 19, 2021, the U.S. Department of Justice (DOJ) unsealed an indictment against four APT40 cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun Technology Development Company (Hainan Xiandun). Hainan Xiandun employee Wu Shurong cooperated with and carried out orders from PRC Ministry of State Security (MSS) Hainan State Security Department (HSSD) intelligence officers Ding Xiaoyang, Zhu Yunmin, and Cheng Qingmin to conduct CNE. Wu’s CNE activities resulted in the theft of trade secrets, intellectual property, and other high-value information from companies and organizations in the United States and abroad, as well as from multiple foreign governments. These MSS-affiliated actors targeted victims in the following industries: academia, aerospace/aviation, biomedical, defense industrial base, education, government, healthcare, manufacturing, maritime, research institutes, and transportation (rail and shipping).

Click here for a PDF version of this report.
https://lnkd.in/dVQDgJHU
https://lnkd.in/d4fd2xtZ

Special Thanks❤️😇👍🏽🙏
CISA Alumni Group
Cybersecurity and Infrastructure Security Agency

-Secure Business Continuity-
2024.07.31
——————————————————
#CyberSecurity #MitreAttack #Chain #RiskManagement
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_tactics-techniques-and-procedures-of-indicted-activity-7224365338149154816-M6hk?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Techbook
WebApp Security
Web Application Security:
Exploitation and Countermeasures for Modern Web Applications 2024.

Special Thanks❤️😇👍🏽🙏
👇🏻
/channel/CISOasaService/15265
/channel/cissp/7549

-Secure Business Continuity-
2024.07.30
——————————————————
#CyberSecurity #webapp #OWASP #secure
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_ciso-as-a-service-activity-7223828052303085568-IsKd?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Promoting Support for Women's Menstrual Health in the Workplace: At Diyako Secure Bow we are proud to announce that, in addition to the legal leave, we have decided to grant one full day of paid leave per month for women during their menstrual cycle. This initiative aims to enhance organizational culture and support the physical and mental well-being of our female colleagues.

Why Have We Made This Decision?
Supporting Women's Health: Menstruation can be accompanied by physical and emotional discomfort.

Providing additional leave allows women to rest and take care of themselves.

Increasing Productivity: Adequate rest and attention to personal health improve overall productivity and performance.

Creating a Supportive Work Environment: With this initiative, we strive to create a supportive and understanding work environment for all our colleagues.

Call to Action
We invite other companies and organizations to consider the specific needs of their employees and promote a culture of health and well-being in the workplace. We believe that fostering such a culture benefits not only the employees but the entire organization.

Let's take a positive step together to support female colleagues and enhance organizational culture.

Best regards,
Alireza Ghahrood
Founder, vCISO

-Secure Business Continuity-
2024.07.27
——————————————————
#WomensHealth #OrganizationalSupport #CompanyCulture #CyberSecurity
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-womenshealth-organizationalsupport-activity-7222816726768373760-8vmD?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Exploring Infostealer Malware Techniques on
Automotive Head Units:

Automotive vehicles have become exponentially more computerized in the last decade, and automakers continue to add new functionality and integrations to these systems. While most research focuses on the safety features of autonomous and semi-autonomous vehicle capabilities, there is little research regarding the data collected by these systems and whether this data is of interest to threat actors.

By exploring exposed data, pivot points, and user impact, automakers and drivers can benefit from understanding how they can better protect themselves from unwanted data exposure and potential malware.

The research conducted focuses on threat modeling a sampled Android-based infotainment system, ascertaining what data could be of interest to a financially motivated threat actor, and identifying techniques to demonstrate impact.

Special Thanks❤️😇👍🏽🙏
Daniel Mazzella, dmazzella5@gmail.com
Lee Crognale

-Secure Business Continuity-
2024.07.23
——————————————————
#CyberSecurity #Malware #Techniques #Infostealer
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_malware-techniques-2024-activity-7221395069918990336-X6bU?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

The Open Web Application Security Project (OWASP) is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security "visible", so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a profit charitable organization that ensures the ongoing availability and support for our work.

Special Thanks❤️😇👍🏽🙏
OWASP® Foundation
OWASP ASVS

-Secure Business Continuity-
2024.07.19
——————————————————
#CyberSecurity #OWASP #ASVS #WebSecurity
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_web-security-testing-guide-2024-activity-7219815302686007296-BpLE?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Ransomware Diaries Volume 4:
Ransomed and Exposed — The Story of RansomedVC

RansomedVC stands out as one of the most unconventional ransomware operations I’ve investigated. Its leadership strategically employs propaganda, influence campaigns, and misinformation tactics to gain fame and notoriety within the criminal community. While I may have my assessment of RansomedVC, I cannot deny the effectiveness of its tactics. It also rubbed many people the wrong way, including other criminals.

Special Thanks❤️😇👍🏽🙏
Analyst1

-Secure Business Continuity-
2024.07.14
——————————————————
#CyberSecurity #Ransomware #Malware #EDR #IOC
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_ransomware-2024-activity-7218258121205440512-c2wk?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

MODERN APPROACHES TO NETWORK ACCESS SECURITY - Publication: 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has frequently identified virtual private network (VPN) solutions that have been involved in many recent high-profile incidents, both with cyber criminals and nation-state actors. CISA has discovered over 22 Known Exploited Vulnerabilities (KEVs) related to VPN compromise, leading to broad access to victim networks. These incidents and associated vulnerabilities are prompting some to consider replacing their legacy VPN solutions with modern network access solutions. The shift of more services into the cloud also points to the value of Secure Access Service Edge (SASE) instead of a traditional security stack located in an on-premises data center. While some VPN solutions are inherently more secure than others—and not always the cause of major cyber incidents—current hybrid networks require adopting modern network access security solutions to help organizations protect corporate resources. Moreover, these network access solutions provide opportunities to integrate granular access control not inherent to traditional VPN approaches. CISA encourages a careful analysis of how your security needs have changed in light of increased use of cloud services and leveraging any technology updates to progress in your Zero Trust journey. Organizations that embrace these newer practices will reach an overall outcome closer to zero trust (ZT) principles.

Special Thanks❤️😇👍🏽🙏
U.S. Department of State
Cybersecurity and Infrastructure Security Agency
@U.S. Federal Bureau of Investigation
@New Zealand’s Government Communications Security Bureau
@New Zealand’s Computer Emergency Response Team
Canadian Institute for Cybersecurity

-Secure Business Continuity-
2024.07.13
——————————————————
#CyberSecurity #CISA #NSA #CISO #DOD
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_modern-approaches-2-nas-2014-activity-7217778531131396096-hmCX?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Threat Research
Game of Cross Cache: Let's win it in a more effective way! 2024.

Special Thanks❤️😇👍🏽🙏
BlackHat

-Secure Business Continuity-
2024.07.09
——————————————————
#CyberSecurity #Linux #Vulnerability
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_game-crosscache-2024-activity-7216259176593817603-i_OX?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Welcome! This roadmap is intended to be a step-by-step path that I would take to becoming a cloud security engineer today, if I was embarking on this exciting journey. I will keep this roadmap updated with feedback from all who pass through here, and look to make this a useful resource for people looking to start a rewarding and fun career as a cloud security engineer.

Let’s just start by saying – there is no one correct route to getting started in cybersecurity and cloud security. Every path and story are different, and this unique path will be a positive differentiator in your career. This roadmap has sections that provide individual guidance on transitioning to cloud security based on five common starting points:
Cloud Engineer
Security Engineer
Systems Administrator
Software Developer
No or Little IT Background

Special Thanks❤️😇👍🏽🙏
Pwned Labs
Pwned Labs for Business

-Secure Business Continuity-
2024.07.08
——————————————————
#CyberSecurity #CloudSecurity #CCSK #Vmware #Google #MicrosoftCloud
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_cloud-security-roadmap-2024-activity-7215806636337078274-jraV?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

The enterprise guide to AI-powered DevSecOps:
DevSecOps is a practice and methodology that seeks to make shifting left a reality by integrating security into every step of the software development lifecycle (SDLC).

At its core, DevSecOps works to align security work, and in some cases, engineering and security roles that historically would be done separately, directly into the DevOps workflow. As a result, DevSecOps reduces the cost and impact of security breaches, and enables teams to ship secure software faster. In fact, IBM’s 2023 Cost of a Data Breach report cites a $1.68M cost savings for organizations with high DevSecOps adoption compared to those with low or no adoption.

As a result, DevSecOps = Culture😊

Special Thanks❤️😇👍🏽🙏
GitHub
And My lovely Mate
Hadess | حادث

-Secure Business Continuity-
2024.07.07
——————————————————
#CyberSecurity #DevSecOp #SDLC #Security #CISO
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_devsecops-ai-2024-activity-7215458337432231936-bVoD?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

2022 State of Operational Technology and Cybersecurity Report:
The 2022 State of Operational Technology and Cybersecurity Report, now in its fourth annual iteration, finds that organizations are still moving too slowly toward full protection of their operational technology (OT) assets. This comes at a time when OT systems are becoming more important to many organizations’ well-being, geopolitical events are making attacks more likely, more OT systems are being connected to the internet, and IP-based threats are becoming more advanced and doing more damage. This combination of factors is moving OT security upward in many organizations’ risk portfolio.

Based on a global survey of more than 500 OT security professionals, this year’s report finds that while OT security has the attention of organizational leaders, it continues to be owned by relatively low-ranking professionals. Speculation that OT security will be rolled under the CISO has been active for years, but there is no sign that things are moving in that direction. And while security is a part of the performance measurements for most survey respondents, many are measured more on efficiency factors that might bring the temptation to cut corners on security.

Organizations report modest moves forward in the overall maturity of their OT security posture, with slightly more of them having advanced to level 3. But looking at specific best practices brings nuance to the issue. Only 13% of respondents have achieved centralized visibility of all OT activities, and only 52% are able to track all OT activities from the security operations center (SOC). Only around half of respondents claim to track and report various basic security metrics, and fewer than half of respondents are using any of a dozen specific security technologies and practices. The latter indicates a diversity in how organizations address OT security and reflects a market that is still evolving.

One thing that has improved very little in the past year is organizations’ security outcomes. A staggering 93% of organizations experienced an intrusion in the past 12 months, and 78% experienced more than three. Impacts included downtime, financial or data loss, brand degradation, and even reduced physical safety. Clearly, most organizations have work to do. Fortunately, a small percentage of respondents managed to avoid intrusions for the past year, and this report identifies several of the best practices they are more likely to employ.

Special Thanks❤️😇👍🏽🙏
Fortinet

-Secure Business Continuity-
2024.07.02
——————————————————
#CyberSecurity #PLC #OT #Fortinet #ICS #CISO
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_2022-ot-cybersecurity-report-activity-7213888497491873792-ZI9P?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Effective ICS Cybersecurity Using the IEC 62443 Standard (Companion piece to “Managing ICS Security With IEC 62443”)

Special Thanks❤️😇👍🏽🙏
Jason Dely
SANS Institute
Fortinet

-Secure Business Continuity-
2024.07.02
——————————————————
#CyberSecurity #PLC #OT #Fortinet #ICS #SANS
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_sans-ics-cybersecurtity-effective-2023-activity-7213728268867272704-Io6m?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Malware analysis
New North Korean Based Backdoor Packs A Punch 2024.

In recent months, North Korean based threat actors have been ramping up attack campaigns in order to achieve a myriad of their objectives, whether it be financial gain or with espionage purposes in mind. The North Korean cluster of attack groups is peculiar seeing there is quite some overlap with one another, and it is not always straightforward to attribute a specific campaign to a specific threat actor.

This is no different in our paper today, where we analyse a new threat campaign, initially discovered in late May, featuring multiple layers and which ultimately delivers a seemingly new and previously undocumented backdoor.
The threat campaign is specifically focused on Aerospace and Defense companies: sectors appealing to multiple threat actors, but of particular interest to North Korean threat groups in other recent campaigns. We have named this threat campaign and associated backdoors “Niki” as it refers to the potential malware developer(s).

Special Thanks❤️😇👍🏽🙏
Bart Blaze & Nguyen Nguyen

-Secure Business Continuity-
2024.06.28
——————————————————
#CyberSecurity #Vulnerability #Malware #CVE
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_nk-backdoor-2024-activity-7212490009256349696-XbuU?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Analytics
Software Vulnerability Ratings Report 2024
This report analyzes the security landscape of enterprise software. Its primary objective is to identify vulnerability trends within commonly used enterprise software categories, with a particular focus on exploitation rate and remote code execution (RCE) vulnerabilities.
Exploitation rate is the metric developed by the Action1 research team aimed at helping enterprises assess the risks associated with certain vendors’ software and the comprehensiveness of their vulnerability management programs.

Special Thanks❤️😇👍🏽🙏
Action1

-Secure Business Continuity-
2024.06.26
——————————————————
#CyberSecurity #Vulnerability #webapp #software
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_software-vulnerability-report-2024-activity-7211805160992362496-xbqL?utm_source=share&utm_medium=member_ios


cissp

https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-cybersecurity-asm-activity-7211590249083260928-a1gp?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Hardware Security
PKfail Research Report 2024.
https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem

Special Thanks❤️😇👍🏽🙏
BINARLY

-Secure Business Continuity-
2024.07.30
——————————————————
#CyberSecurity #Hardware #CVE
#SecureBusinessContinuity


cissp

Techbook
WebApp Security
Web Application Security:
Exploitation and Countermeasures for Modern Web Applications 2024.


-Cyber Security awareness-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.07.30


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Industrial Control Systems (ICS) have migrated from stand-alone isolated systems to interconnected systems that leverage existing communication platforms and protocols to increase productivity, reduce operational costs and further improve an organization’s support model. ICS are responsible for a vast amount of critical processes necessitating organizations to adequately secure their infrastructure. Creating strong boundaries between business and process control networks can reduce the number of vulnerabilities and attack pathways that an intruder may exploit to gain unauthorized access into these critical systems.

This paper provides guidance to those organizations that must secure their ICS systems and networks through a defense-in-depth approach to security, achieved through the identification of key security patterns and controls that apply to critical information security domains. The goal is a visual explanation that allows stakeholders to understand how to reduce information risk while preserving the confidentiality, integrity and availability of critical infrastructure resources in the industrial control environment.

Special Thanks❤️😇👍🏽🙏
SANS Institute
SANS Technology Institute
SANS ICS
SANS Cyber Academy
SANS Cyber Defense

-Secure Business Continuity-
2024.07.26
——————————————————
#CyberSecurity #SANS #Malware #secure
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_secure-architecture-ics-2024-activity-7222565272119873538-hekE?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Analytics
CloudFlare Trends Report
State of Application Security in 2024

Special Thanks❤️😇👍🏽🙏
Cloudflare

-Secure Business Continuity-
2024.07.23
——————————————————
#CyberSecurity #DDOS #Mitigate #ZeroTrust
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_app-security-2024-activity-7221270621811318784-6y9B?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Users can use the guide as inspiration to create strong passwords and protect them from hackers. For further information, please read the chapters What is a strong password, Multifactor authentication and How to deal with password overload. The appendices provide examples of strong passwords.

Senior management can use the guide as inspiration to define specific password policy best practices and ensure their implementation. For further information, please read the chapters What is a strong password, Multifactor authentication, How to deal with password overload and Awareness and training.

The IT operations/supplier level can use the guide particularly in connection with the acquisition or operation of systems and services that require authentication. For further information, please read the chapters Changing all default passwords, Focus on administrator accounts, Account lockout and login monitoring and Secure handling of passwords in systems.

IT developers/system administrators can use the guide as inspiration to ensure that user interaction with passwords as well as communication and storage of passwords is performed in a secure manner. For further information, please read the chapters Focus on administrator accounts, Account lockout and login monitoring and Secure handling of passwords in systems.

Senior management can use the guide to familiarize themselves further with the organizational password policy. For further information, please read the chapters Awareness and training and Organizational password policy.

Special Thanks❤️😇👍🏽🙏
EAGLE SHARK CYBER DEFENCE

-Secure Business Continuity-
2024.07.18
——————————————————
#CyberSecurity #2FA #Policy #Password
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_password-security-policy-activity-7219552091688595457-GgTU?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

AI SECURITY FRAMEWORK

Artificial Intelligence (AI) has revolutionized numerous domains, transforming the way we live and work. Its algorithms and models have proven their mettle by outperforming traditional methods in various applications, from natural language processing to self-driving cars. However, as AI permeates our lives, it introduces new security risks that can have catastrophic consequences. A compromised model could cause car accidents, misdiagnose illnesses, jeopardize lives, create fake content in news or manipulate stocks, impacting serious financial crises.

To harness AI’s potential, while safeguarding against vulnerabilities, regular audits, adversarial testing, and transparent model development are essential. A practical framework for securing AI systems is crucial, ensuring that the future lies at the intersection of innovation and resilience. Join us as we explore the delicate balance between progress and security in the era of technological marvels.

Special Thanks❤️😇👍🏽🙏
Snowflake

-Secure Business Continuity-
2024.07.14
——————————————————
#CyberSecurity #AI #ML #Impact #Mitigations
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_ai-security-framework-2024-activity-7218106831649329152-bIjQ?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Reversing
LogoFail: Security implications of image parsing during system boot 2023.

Special Thanks❤️😇👍🏽🙏
BlackHat
BINARLY

-Secure Business Continuity-
2024.07.12
——————————————————
#CyberSecurity #Fuzz #Fuzzer
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_log0fail-2023-activity-7217417999060787200-NZ3w?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

The internal audit & risk agenda 2024:
looks to be another year of permacrisis with significant geopolitical disruption continuing. Most of the world’s major economies are undergoing elections in the coming year and the conflicts in the Ukraine and the Middle East continue to impact the global economy. Organisations that are only just beginning to recover from the disruption of three years of pandemic face further uncertainty in respect of inflation, interest rates, energy supply costs and talent shortages. knowledge and softer skills essential to the role internal auditors now need to enhance their understanding of governance and regulatory requirements and to develop their technical knowledge of information technology, data analytics, programme and project management, business resilience and ESG.

The new global internal audit standards reflect this and look to raise the bar by making actions that were previously good practice into mandatory requirements for high performing internal audit functions. In addition to this the new standards now include the Audit Committee’s responsibilities for the first time. Heads of Internal Audit need to work with their Committee Chairs to make sure these are understood and addressed. Internal Audit therefore has a key role to play in supporting organisations to navigate a path through this uncertain and changing risk landscape. This document sets out some of the key challenges on the horizon that Heads of Internal Audit should be considering when thinking about the wider risks relevant to their organisations and the technical skills required to deliver meaningful assurance.

Dependency on technology has increased even though cyber threats are higher than ever. Despite this, digitalisation is driving business transformation and recent developments in Artificial Intelligence and Blockchain present new opportunities for innovation but these carry a heightened level of risk. Cyber, privacy and digital transformation risks are understandably high on the Audit Committee agenda. Non-financial data is taking on a much higher profile with reporting obligations and stakeholder requirements being extended to compel disclosure of ESG performance and responses to climate change risks.

This has required organisations to introduce new systems and controls to ensure that this data will stand up to stakeholder scrutiny. Regulators have sought to keep pace with these changes - introducing new legislation and disclosure requirements that need to be complied with. Expectations of Internal Audit remain high with demand for assurance expanding to cover a wider range of areas than ever before. Alongside the traditional controls

Special Thanks❤️😇👍🏽🙏
BDO Spain

-Secure Business Continuity-
2024.07.08
——————————————————
#CyberSecurity #Audit #Risk #Assesment #Security
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_internal-audit-and-risk-2024-activity-7215809344045518849-kbFR?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Welcome to the 9th edition of the Edgescan Vulnerability Stats Report 2024.

This report demonstrates the state of full stack security based on thousands of security assessments and penetration tests on millions of assets that were performed globally from the Edgescan Cybersecurity Platform in 2023. This is an analysis of vulnerabilities detected in the systems of hundreds of organizations across a wide range of industries – from the Fortune 500 to medium and small businesses.🤓

The report provides a statistical model of the most common weaknesses faced by organizations to enable data-driven decisions for managing risks and exposures more effectively. We hope this report will provide a unique by-the-numbers insight into trends, statistics and a snapshot of the overall state of cybersecurity for the past year, from the perspective of vulnerabilities discovered and remediated, as well as penetration testing success rates. We are proud that this yearly report has become a reliable source for approximating the global state of vulnerability management. This is exemplified by our unique dataset being part of the Verizon Data Breach Investigations Report (DBIR), which is the de facto standard for insights into the common drivers for incidents and breaches today.

This year we delve into Risk Density to describe where critical severity vulnerabilities and exposures are clustered in the IT technical stack, quantification of attack surface management exposures and risks, and Mean Time To Remediate (MTTR) critical vulnerabilities.

Special Thanks❤️😇👍🏽🙏
Edgescan

-Secure Business Continuity-
2024.07.07
——————————————————
#CyberSecurity #Vulnerability #Pentest #ASM #ThreatIntelligence #Risk #Patch #Hardening
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_vulnerability-statistics-report-2024-activity-7215469671758647296-YRgp?utm_source=share&utm_medium=member_ios


cissp

#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

The State of Exposure Management in 2024:
What if you could identify all the ways in which your organization is exposed to cyber attacks, understand how adversaries will exploit those exposures, and prioritize remediation efforts to reduce risk most effectively? Well, that is exactly what this report is all about. This report presents key insights drawn from hundreds of thousands of attack path assessments conducted through the XM Cyber Continuous Exposure Management (CEM) platform during 2023. These assessments uncovered over 40 million exposures affecting 11.5 million entities deemed critical to business operations. Data gathered from the XM Cyber platform were anonymized and provided to Cyentia Institute for independent analysis to generate the insights that fill the pages to follow.

Everyone’s talking about exposure management
Exposure Management seems to be the hot topic on everyone’s lips right now, but defining what this means and how best to implement a Continuous Threat Exposure Management (CTEM) framework is still causing some confusion.

Aiming to move away from the pain point of endless lists of vulnerabilities, organizations are embracing technologies that claim to provide greater coverage of exposure types, and additional context to aid the prioritization and risk analysis of these different exposure types. However, the context is still often limited to each individual asset or focused solely on the intrusion risk, that is, which asset is the most likely breach point.
At XM Cyber, we’ve been providing holistic Exposure Management powered by our XM Attack Graph Analysis™ for over 8 years. We’re proud to once again distill those findings into this third edition of our annual State of Exposure Management report. We hope these insights will bolster your security team’s important mission over the next year. We present some highlights of this year’s analysis on the next page.

Special Thanks❤️😇👍🏽🙏
Cyentia Institute
XM Cyber

-Secure Business Continuity-
2024.07.05
——————————————————
#CyberSecurity #ASM #Exposure #Leakage #CISO
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_exposure-management-2024-activity-7214740800448974848-Q-5V?utm_source=share&utm_medium=member_ios


#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

2024 State of Operational Technology and Cybersecurity Report

This year marks our sixth edition of the Fortinet State of Operational Technology and Cybersecurity Report. The 2024 study is based on comprehensive data from a global survey of more than 550 OT professionals conducted by a respected third-party research company.
As OT organizations introduce new digital tools and technologies to their environments, their security challenges have grown more complex.

As NIST notes, “While security solutions have been designed to deal with these issues in typical IT systems, special precautions must be taken when introducing these same solutions to OT environments. In some cases, new security solutions that are tailored to the OT environment are needed.” This year’s report shows that some progress has been made over the last 12 months in OT security posture and investment in essential tools and capabilities. But there’s more work to be done to effectively manage an increasing number of attacks in a post-IT/OT convergence world.

Three notable trends emerged from our 2024 survey responses:
- Intrusions and their impacts on organizations have worsened over the past year.
- Responsibility for OT cybersecurity is elevating within executive leadership ranks.
- OT security postures are maturing in key areas, but this remains a work in progress.

The critical insights and deeper analysis of these findings expose the dynamic and sometimes mercurial nature of managing OT risks. Considering these specific challenges, this year’s report also offers some current best practices and tips for improving your organization’s OT security posture.

Special Thanks❤️😇👍🏽🙏
Fortinet

🤓Another clear sign of increasing maturity comes from steady growth in organizations that have already rolled OT security under a CISO, from only 10% in 2022 to 17% in 2023 to 27% this year. At the same time, we saw a reversal of last year’s trend with organizations that were not planning to move OT security under the CISO in the next 12 months, which went from 11% in 2022 down to 4% last year, but back up to 12% in 2024.😍

-Secure Business Continuity-
2024.07.02
——————————————————
#CyberSecurity #PLC #OT #Fortinet #ICS #CISO
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_2024-operational-technology-cybersecurity-activity-7213882892655968256-pxBV?utm_source=share&utm_medium=member_ios


#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

Offensive Security
NTLM: The Legacy Protocol That Won't Die 2024.

Microsoft’s Roadmap
• Microsoft’s Authentication Platform team is hopeful that NTLM will be disabled by default by 2028
• Disabled, not deprecated
• History tells us it will take longer than that
• That goal is at least 4 years away
• In the meantime, AD/Windows environments are exposed (90% of organizations)
https://badoption.eu/blog/2024/04/25/netntlm.html

Special Thanks❤️😇👍🏽🙏
SpecterOps
Elad Shamir

-Secure Business Continuity-
2024.06.29
——————————————————
#CyberSecurity #NTLM #MITM #Crack
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_ntlm-2024-activity-7212622426159869953-Sahj?utm_source=share&utm_medium=member_ios


#DiyakoSecureBow
————————————
CISO as A Service (vCISO)

SCADA Security
Red Team Tactics
Evil PLC Attack Weaponizing PLCs 2024

Programmable logic controllers (PLCs) are indispensable industrial devices that control manufacturing processes in every critical infrastructure sector. Because of their position within automation, threat actors covet access to PLCs; several industrial control system malware strains, from Stuxnet to Incontroller/Pipedream, have targeted PLCs. But what if the PLC wasn’t the prey, and instead was the predator? This paper describes a novel attack that weaponizes popular programmable logic controllers in order to exploit engineering workstations and further invade OT and enterprise networks. We’re calling this the Evil PLC Attack.

The attack targets engineers working every day on industrial networks, configuring and troubleshooting PLCs to ensure the safety and reliability of processes across critical industries such as utilities, electricity, water and wastewater, heavy industry, manufacturing, and automotive, among others.
The Evil PLC Attack research resulted in working proof-of-concept exploits against seven market-leading automation companies, including Rockwell Automation, Schneider Electric, GE, B&R, Xinje, OVARRO, and Emerson.

This paper describes in depth not only how engineers diagnose PLC issues and write and transfer bytecode to PLCs for execution, but also how Team82 conceptualized, developed, and implemented numerous novel techniques to successfully use a PLC to achieve code execution on the engineer’s machine. Below is a list of affected vendors and products, as well as links to their respective advisories and remediations (or mitigations).

Special Thanks❤️😇👍🏽🙏
Claroty Partners
Claroty

-Secure Business Continuity-
2024.06.26
——————————————————
#CyberSecurity #Plc #SCADA
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_scada-security-evil-plc-2024-activity-7211808764415381505-Z_Ra?utm_source=share&utm_medium=member_ios


#DiyakoSecureBow
————————————
CISO as a Service (vCISO)
Attack Surface Management (ASM)

We are proud to introduce the Trend service from "Diyako Secure Bow," focusing on Attack Surface Management (monitoring information leaks in the deep and dark web).

The Attack Surface Management (ASM) service has been provided as a subset of CISO as a Service by Diyako Secure Bow for approximately one year. This service has been confidentially offered to major organizations such as petrochemical companies, gas companies, banks, PSPs, parent organizations, and large private companies, with a strong emphasis on social responsibility. Reports regarding leaks related to their organizations observed in the deep web, especially the dark web, have been accompanied by detailed descriptions of the types and extent of leaks and supply chain attacks.

Key Features and Scope:
This service specializes in proactive monitoring and threat identification in the deep and dark web. These services are designed to identify and report threats and security incidents related to our customers' sensitive information and operations. Using advanced monitoring tools and techniques, ASM provides timely alerts and actionable information to effectively manage risks.

Strategic Importance:
In today's rapidly changing security landscape, ASM plays a key role in protecting organizations against complex threats. Our approach combines state-of-the-art technologies and specialized analysis designed to maintain operational continuity and secure customers' critical assets and data.

Client Impact:
By designing and implementing this service as part of our commercial collaboration with major banks in Iran, ASM has proven its effectiveness in enhancing stability and responsiveness to security incidents. This collaboration demonstrates our commitment to providing advanced security solutions that are compatible with the specific needs of each customer.

Conclusion:
In the ASM service provided by Diyako Secure Bow, we demonstrate our commitment to delivering quality cybersecurity and mitigating emerging threats. We are committed to supporting organizations in maintaining operational continuity and protecting their valuable assets through innovative security solutions.

For more information on how to benefit from ASM in your organization, please contact us.

-Secure Business Continuity-
2024.06.22
——————————————————
#CyberSecurity #ASM #Darkweb #GRC
#SecureBusinessContinuity

https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-cybersecurity-asm-activity-7211590249083260928-a1gp?utm_source=share&utm_medium=member_ios


Diyako Secure Bow is proud to announce:

We offer a unique opportunity for seasoned professionals aiming to advance to project management and senior leadership roles in cybersecurity within any industry. Our hands-on, interactive workshops provide the latest methods and techniques in cybersecurity management.

Since 2017, we have delivered our customized Chief Information Security Officer (CISO) training effectively to 330 sensitive/governmental agencies. These programs have catered to specialists ranging from analysts to managers across various departments, including Information Security, Network Security, Security Operations Centers (SOC), Cyber Incident Response Teams (CSIRT), and other related cybersecurity teams.

Due to popular demand, we are excited to announce the 41st open-enrollment session! 🥳

Benefits of Our CISO Training Courses:
- Acquire Advanced Skills: Gain the necessary skills and knowledge to manage cyber risks, develop effective security strategies and programs, and ensure your organization's security.
- Expert Instruction: Courses are taught by the Diyako Secure Bow training team in collaboration with the Sharif University of Technology's Jihad Daneshgahi (as a legal consortium). Our experienced instructors hold relevant international certifications, providing you with the best practices and global standards for leading projects to benefit your organization with a focus on business continuity, professional ethics, and integrity.
- Professional Networking: A unique opportunity to connect with other cybersecurity professionals and experts, building a powerful professional network.
- Accredited Certification: Upon completion, receive a prestigious certificate from Diyako Secure Bow, enhancing your professional credentials.

If you are looking to advance your career in cybersecurity, register now. Spaces are limited!

Note: A minimum of 3 years of verifiable technical security experience is required. The first step is to review your LinkedIn profile, followed by a specialized interview upon approval. Only then can you proceed with registration.

Please do not be disheartened if not approved; Diyako's approach is not merely revenue-driven. It is about imparting knowledge and experience to ensure that you have the necessary foundation to truly benefit from the program and enhance your specialized security skills. 😎

For more information and registration:
📞 Contact:
+98 21 91 691 692
✉️ Email:
Training@Diyako.io

#CyberSecurity #CISO #Training #InfoSec #DiyakoSecureBow

-Cyber Security awareness-

Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.06.25
