#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Human Risk Management (HRM):
In the evolving landscape of cybersecurity, traditional defenses like firewalls, encryption, and intrusion detection systems are no longer sufficient on their own. As cyber threats grow more sophisticated, attackers increasingly exploit the weakest link: human behavior. This has given rise to a new paradigm in cybersecurity—Human Risk Management (HRM).
HRM focuses on managing and mitigating risks that stem from human actions, whether intentional or accidental. Unlike traditional security approaches that primarily focus on technical controls, HRM recognizes that employees, partners, and even customers can be exploited through phishing attacks, social engineering, or simple human error. With cybercriminals often targeting individuals rather than systems, understanding and addressing the human factor has become essential.
Key Components of HRM
Security Awareness Training: The cornerstone of HRM is continuous education. Employees need to be trained not just once but regularly, ensuring they understand the latest threats and how to respond appropriately.
Behavioral Analytics: HRM uses tools to analyze user behavior, identifying potential risks such as unusual access patterns, abnormal downloads, or inconsistent login times that could indicate compromised accounts.
Cultural Change: Cybersecurity isn't just an IT issue; it's a company-wide concern. HRM promotes a culture of security where every employee is vigilant and understands their role in protecting the organization.
Incident Response and Reporting: Encouraging a quick and transparent reporting culture is key. Employees need to feel safe reporting suspicious activities or mistakes, allowing the organization to respond swiftly before threats escalate.
Tailored Policies: Different roles within an organization carry different levels of risk. HRM customizes security policies to reflect the unique vulnerabilities associated with each role, ensuring a more targeted approach to risk mitigation.
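The behavioural-analytics component is the one that translates most directly into code. What follows is an added example, not code from the original post or from any HRM product: it learns a per-user baseline (the hours at which each user logs in, the largest download each user makes) from a training window of log lines, then flags later logins at never-seen hours and downloads far above the user's own maximum. The log format, the users alice and bob, every log line, the 2024-09-19 cut-off and the 5x download factor are all constructed for the example.

```go
// Added example, not part of the original post. Constructed log line format: "<RFC3339 timestamp> <user> <login|download> <bytes>".
package main

import (
	"fmt"
	"strconv"
	"strings"
	"time"
)

type Event struct {
	At         time.Time
	User, Kind string // Kind is "login" or "download"
	Bytes      int64
}

type Baseline struct {
	LoginHours  map[string]int   // "user@hour" -> number of logins seen in the training window
	MaxDownload map[string]int64 // user -> largest single download seen in the training window
}

// sampleLog is constructed: two ordinary days, then an unusual 19 September for alice.
const sampleLog = `
2024-09-16T08:55:10Z alice login 0
2024-09-16T09:20:00Z alice download 12000
2024-09-17T09:05:42Z alice login 0
2024-09-16T13:00:00Z bob login 0
2024-09-17T13:05:00Z bob download 4000
2024-09-19T03:14:07Z alice login 0
2024-09-19T03:20:00Z alice download 480000
2024-09-19T13:02:00Z bob login 0
2024-09-19T13:30:00Z bob download 5000
`

// parseLog rejects malformed lines instead of skipping them, so a broken feed cannot hide activity.
func parseLog(text string) ([]Event, error) {
	var events []Event
	for n, line := range strings.Split(strings.TrimSpace(text), "\n") {
		f := strings.Fields(line)
		if len(f) != 4 {
			return nil, fmt.Errorf("line %d: expected 4 fields, got %d", n+1, len(f))
		}
		at, errT := time.Parse(time.RFC3339, f[0])
		bytes, errB := strconv.ParseInt(f[3], 10, 64)
		if errT != nil || errB != nil {
			return nil, fmt.Errorf("line %d: bad timestamp or byte count", n+1)
		}
		events = append(events, Event{At: at.UTC(), User: f[1], Kind: f[2], Bytes: bytes})
	}
	return events, nil
}

// hourKey identifies one (user, hour of day) combination.
func hourKey(e Event) string { return e.User + "@" + strconv.Itoa(e.At.Hour()) }

// buildBaseline learns from events strictly before the cut-off time.
func buildBaseline(events []Event, cutoff time.Time) Baseline {
	b := Baseline{LoginHours: map[string]int{}, MaxDownload: map[string]int64{}}
	for _, e := range events {
		if !e.At.Before(cutoff) {
			continue
		}
		if e.Kind == "login" {
			b.LoginHours[hourKey(e)]++
		} else if e.Kind == "download" && e.Bytes > b.MaxDownload[e.User] {
			b.MaxDownload[e.User] = e.Bytes
		}
	}
	return b
}

// detect scores events at or after the cut-off. An account with no history has no login hours and a
// zero download maximum, so everything it does is flagged rather than silently passed.
func detect(events []Event, b Baseline, cutoff time.Time, downloadFactor float64) []string {
	var findings []string
	for _, e := range events {
		if e.At.Before(cutoff) {
			continue
		}
		reason := ""
		limit := int64(downloadFactor * float64(b.MaxDownload[e.User]))
		switch {
		case e.Kind == "login" && b.LoginHours[hourKey(e)] == 0:
			reason = fmt.Sprintf("login at unusual hour %02d:00 UTC", e.At.Hour())
		case e.Kind == "download" && e.Bytes > limit:
			reason = fmt.Sprintf("download of %d bytes exceeds baseline limit %d", e.Bytes, limit)
		}
		if reason != "" {
			findings = append(findings, fmt.Sprintf("%s %s %s", e.User, e.At.Format(time.RFC3339), reason))
		}
	}
	return findings
}

// analyzeSample trains on 16-17 September and scores 19 September with a 5x download limit.
func analyzeSample() ([]string, error) {
	events, err := parseLog(sampleLog)
	if err != nil {
		return nil, err
	}
	cutoff := time.Date(2024, 9, 19, 0, 0, 0, 0, time.UTC)
	return detect(events, buildBaseline(events, cutoff), cutoff, 5), nil
}

func main() { fmt.Println(analyzeSample()) }
```

On the sample it reports two findings, both for alice on 19 September (a 03:14 UTC login and a 480,000-byte download); bob's 13:02 login and 5,000-byte download stay quiet because they sit inside his baseline. A real deployment would build the baseline from weeks of identity-provider and proxy logs and feed findings into a per-user risk score rather than printing them, but the shape is the same: learn what is normal for each person, score later activity against that, and treat an account with no history as something to report rather than something to wave through.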
Why HRM Matters
The rise of remote work, cloud computing, and increasingly sophisticated phishing tactics has made human risk a critical focus for organizations. HRM helps bridge the gap between technology and human behavior, creating a more holistic and resilient defense strategy.
By treating humans as a core component of the cybersecurity ecosystem—rather than the weakest link—HRM represents the new frontier in building a robust and adaptive defense against modern cyber threats. Organizations that implement HRM not only improve their security posture but also foster a proactive and security-conscious workforce, reducing the likelihood of breaches and data loss.
Special Thanks❤️😇👍🏽🙏
Infosec
Keatron Evans
-Secure Business Continuity-
2024.09.26
——————————————————
#SecurityAwareness #Phishing #SE #simulation #BCP #Risk
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-securityawareness-phishing-activity-7245020235555127296-NzqS?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
A Guide to Building a Secure SDLC
Which Scanning Tools Should I Look At, and Where Do They Go?
Special Thanks❤️😇👍🏽🙏
@Matt Brown
-Secure Business Continuity-
2024.09.21
——————————————————
#CyberSecurity #ApplicationSecurity #SDLC #RASP
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_guide-4-secure-sdlc-activity-7243162284502507520-YsJz?utm_source=share&utm_medium=member_ios
Free SIEM Trainings 2024
General
📎Windows Logging Basics:
https://lnkd.in/grKYFQzJ
📎Jose Bravo - What is a SIEM? (5 Vídeos):
https://lnkd.in/gc2UDpeD
📎PowerSIEM Analyzing Sysmon Events with PowerShell:
https://lnkd.in/g_8Eq8vm
QRadar
https://lnkd.in/gd7V_4pe
📎QRadar 101:
https://lnkd.in/esbz2RjK
📎QRadar SIEM Foundation:
https://lnkd.in/es8NAdAw
📎Ariel Query Language Guide: https://lnkd.in/eAMKy25q
Splunk
📎Course Catalog:
https://lnkd.in/ekm6RekE
📎Basic Searching:
https://lnkd.in/gygnTMfD
📎Practical Splunk - Zero to Hero: https://lnkd.in/ePF_3PWj
📎Splunk Use Cases:
https://lnkd.in/eJ4CTNV2
📎Exploring Splunk:
https://lnkd.in/e8gVvMuu
Microsoft Sentinel
📎What is Microsoft Sentinel: https://lnkd.in/gdB7dAdU
📎Microsoft Sentinel Level 400 training:
https://lnkd.in/ezDkpWmx
📎SOC 101:
https://lnkd.in/evnF6kNm
FortiSIEM:
https://lnkd.in/e5TvYZYt
AlienVault OSSIM
📎Cybrary - AlienVault OSSIM: https://lnkd.in/gRZAansT
Elastic - SIEM
📎Fundamentals:
https://lnkd.in/gYNYs9vS
ArcSight
📎Paul Brettle - What is Series: https://lnkd.in/gh5ruPZt
📎Paul Brettle - ArcSight ESM 101: https://lnkd.in/gS33AJdk
📎ArcSight Tutorial:
https://lnkd.in/guEydy_U
M SureLogSIEM Training
📎Training (English):
https://lnkd.in/eAnAYDWJ
📎Training PDF:
https://lnkd.in/eXYFmqqV
📎User Guide PDF:
https://lnkd.in/e4HqkexW
LogSign
📎Training:
https://lnkd.in/eXnjymv6
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.09.20
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Whitepaper
Malware analysis
The EV Code Signature Market for eCrime 2024.
The EV Code Signature Market for eCrime:
• Code Signing Technology allows developers to digitally sign their programs, ensuring authenticity and integrity.
• This can be exploited by malicious actors to bypass security measures, gain privileges, and deceive users with seemingly legitimate certificates.
• The cybercrime market for EV certificates offers a wide range of services, including various certificate authorities and delivery methods.
• To obtain code signing certificates, resellers can register new companies, impersonate existing ones, or acquire them through theft.
Introduction
Code signing is a technology that allows software developers to attach a digital signature to their programs, proving that the code is authentic and has not been tampered with. Malicious actors exploit code signing to bypass security measures, gain administrative privileges, and enhance user trust by using legitimate-seeming certificates.
The cybercrime market for code signing certificates mainly focuses on EV certificates, with prices ranging from $2000 to $6000. The resellers can either register a new company or impersonate an existing company to get a valid certificate from a certificate authority.
Malware campaigns, such as QakBot and Grandoreiro, have used valid EV code signing certificates obtained through company impersonation or exploiting closed companies. Code signing certificates can also be obtained through theft, as seen in incidents like the theft of NVIDIA's code signing certificates by the Lapsus$ extortion group in early 2022.
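The Go program below is an added example, not from Intrinsec's whitepaper or from this post. It shows the distinction the paper turns on: a code-signing certificate issued to a freshly registered shell company, or to someone impersonating a real company, passes every signature check, because that check only proves the signer holds the key the CA certified. The defensive control is to pin the SubjectPublicKeyInfo hashes of publishers you have actually vetted and to treat any other signer as unverified, however valid its signature. The CA, the organisation name "Acme Software Ltd" and the certificates are all generated in memory for the example, and a real Authenticode signature (PKCS#7 over a PE image hash) is simplified here to an ECDSA signature over a SHA-256 digest.

```go
// Added example (not from the original post): a valid code signature is not the same as a trusted publisher.
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"fmt"
	"math/big"
	"time"
)

// Signer is a certificate with its private key (used for both the CA and publishers).
type Signer struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

// issue creates a certificate from tmpl, signed by parent (self-signed when parent is nil).
func issue(tmpl *x509.Certificate, parent *Signer) (*Signer, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl.NotBefore, tmpl.NotAfter = time.Now().Add(-time.Hour), time.Now().Add(24*time.Hour)
	parentCert, parentKey := tmpl, key
	if parent != nil {
		parentCert, parentKey = parent.Cert, parent.Key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parentCert, &key.PublicKey, parentKey)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return &Signer{Cert: cert, Key: key}, err
}

// newCA creates a self-signed root that plays the certificate authority (constructed).
func newCA() (*Signer, error) {
	return issue(&x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Example Root CA (constructed)"},
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}, nil)
}

// issueCodeSigningCert has the CA issue a code-signing certificate to an organisation name.
// The CA vets only the name, which is the gap that shell companies and impersonation exploit.
func issueCodeSigningCert(ca *Signer, serial int64, org string) (*Signer, error) {
	return issue(&x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{Organization: []string{org}, CommonName: org},
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning},
	}, ca)
}

// signArtifact signs the SHA-256 digest of a binary with the publisher's key.
func signArtifact(publisher *Signer, artifact []byte) ([]byte, error) {
	digest := sha256.Sum256(artifact)
	return ecdsa.SignASN1(rand.Reader, publisher.Key, digest[:])
}

// verifySignature is the check an OS or allow-listing agent performs: the certificate must chain to a
// trusted root and be valid for code signing, and the signature must match the artifact. It says
// nothing about who really controls the key.
func verifySignature(roots *x509.CertPool, cert *x509.Certificate, artifact, sig []byte) error {
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageCodeSigning}}
	if _, err := cert.Verify(opts); err != nil {
		return err
	}
	return cert.CheckSignature(x509.ECDSAWithSHA256, artifact, sig)
}

// spkiPin is the SHA-256 of the certificate's SubjectPublicKeyInfo, the value a defender records
// for each publisher it has actually vetted.
func spkiPin(cert *x509.Certificate) string {
	sum := sha256.Sum256(cert.RawSubjectPublicKeyInfo)
	return hex.EncodeToString(sum[:])
}

// isTrustedPublisher applies the allow-list: same organisation name with a different key gives a
// valid signature but is not a publisher we have vetted.
func isTrustedPublisher(cert *x509.Certificate, allow map[string]bool) bool {
	return allow[spkiPin(cert)]
}

func main() {
	ca, _ := newCA()
	roots := x509.NewCertPool()
	roots.AddCert(ca.Cert)
	legit, _ := issueCodeSigningCert(ca, 2, "Acme Software Ltd")
	imposter, _ := issueCodeSigningCert(ca, 3, "Acme Software Ltd") // same name, different key
	allow := map[string]bool{spkiPin(legit.Cert): true}
	artifact := []byte("installer bytes (constructed)")
	for _, s := range []*Signer{legit, imposter} {
		sig, _ := signArtifact(s, artifact)
		fmt.Printf("serial %v: signature valid=%v, trusted publisher=%v\n", s.Cert.SerialNumber,
			verifySignature(roots, s.Cert, artifact, sig) == nil, isTrustedPublisher(s.Cert, allow))
	}
}
```

Running it prints one line per certificate: both report signature valid=true, and only the pinned serial-2 certificate reports trusted publisher=true. That split is what an application allow-listing policy should implement: "signed with a valid EV certificate" is an input to a trust decision, not the decision itself.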
Special Thanks❤️😇👍🏽🙏
Intrinsec
-Secure Business Continuity-
2024.09.17
——————————————————
#CyberSecurity #ThreatIntelligence
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-threat-intelligence-2024-activity-7241890551652925441-8nGV?utm_source=share&utm_medium=member_ios
Tech book
Ethical Password Cracking:
Decode passwords using John the Ripper, hashcat, and advanced methods for password breaking 2024.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.09.09
Tech book
API Security for White Hat Hackers: Uncover offensive defense strategies and get up to speed with secure API implementation 2024.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.09.01
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
CyberSentry Program:
(Mission Need)
Successful cyberattacks on our nation’s critical infrastructure can have severe consequences for our power and water supply, our bank accounts, our medical care, and other important National Critical Functions (NCFs) that underpin our national security, public safety, and economic prosperity. These kinds of attacks are becoming more common and more dangerous.
Many organizations have deployed advanced cybersecurity capabilities to safeguard their enterprises against cyber threats. More can be done to help protect the nation’s most critical infrastructure from malicious activity, including threats originating from advanced cyber actors and highly sophisticated criminal organizations that could result in severe impacts to NCFs and, by extension, everyone in the United States. Through the CyberSentry program, CISA supports national efforts to defend U.S. critical infrastructure networks, thus protecting American interests, American people, and the American way of life.
National Terrorism Advisory System
The National Terrorism Advisory System (NTAS) is designed to communicate information about terrorist threats by providing timely, detailed information to the American public. All Americans share responsibility for the nation's security, and should always be aware of the heightened risk of terrorist attack in the United States and what they should do. The NTAS page contains current NTAS advisories (both Alerts and Bulletins), archived copies of expired advisories, and additional information on the NTAS system. DHS replaced the color-coded alerts of the Homeland Security Advisory System (HSAS) with the National Terrorism Advisory System (NTAS) in 2011.
Special Thanks❤️😇👍🏽🙏
CISA Alumni Group
Cybersecurity and Infrastructure Security Agency
-Secure Business Continuity-
2024.08.26
——————————————————
#CISA #DOD #DHS #CyberSecurity #Vulnerability #NIST
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cybersentry-program-2024-activity-7233794950046392320-qpw4?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
OT Security:
Operational technology (OT) is the hardware and software that monitors and controls devices, processes, and infrastructure, and is used in industrial settings.
However, as OT itself becomes increasingly connected and hosts numerous critical physical processes, it becomes a tempting target for threat actors. Processes and systems can be hacked, and threats jeopardize data integrity and potentially endanger the safety and continuity of industrial operations.
OT systems control and monitor physical equipment and processes in industries like manufacturing and energy. They focus on real-time management to ensure efficiency and safety. IT systems, on the other hand, are designed to collect, process, and store data, assisting in business decision-making and communication.
Special Thanks❤️😇👍🏽🙏
CISA Alumni Group
Cybersecurity and Infrastructure Security Agency
-Secure Business Continuity-
2024.08.24
——————————————————
#OTSecurity #OT #Operationaltechnology #Energy #NetworkSecurityDesign
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-otsecurity-ot-activity-7233115193294168064-xmVb?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Analytics
A Visual Exploration of Exploitation in the Wild 2024.
Special Thanks❤️😇👍🏽🙏
Cyentia Institute
Tenable
-Secure Business Continuity-
2024.08.19
——————————————————
#CyberSecurity #EXPLOITATION #ACKNOWLEDGMENTS #TENABLE
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_epss-exploits-2024-activity-7231188866605473792-9QgR?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Threat Research
ERIAKOS Scam Website Campaign: Screens Victims Based on Mobile and Ad Access, Likely to Evade Detection 2024.
Special Thanks❤️😇👍🏽🙏
Recorded Future
-Secure Business Continuity-
2024.08.02
——————————————————
#CyberSecurity #Attack #Phishing #Scam
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_threat-research2024-activity-7225082593606549504-VO5K?utm_source=share&utm_medium=member_ios
Tech book
Mobile Security
Malware analysis
The Android Malware Handbook:
Detection and Analysis by Human and Machine 2024.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.08.02
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Hardware Security
PKfail Research Report 2024.
https://www.binarly.io/blog/pkfail-untrusted-platform-keys-undermine-secure-boot-on-uefi-ecosystem
Special Thanks❤️😇👍🏽🙏
BINARLY
👇🏻
/channel/CISOasaService/15270
-Secure Business Continuity-
2024.07.30
——————————————————
#CyberSecurity #Hardware #CVE
#SecureBusinessContinuity
Techbook
WebApp Security
Web Application Security:
Exploitation and Countermeasures for Modern Web Applications 2024.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.07.30
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Industrial Control Systems (ICS) have migrated from stand-alone isolated systems to interconnected systems that leverage existing communication platforms and protocols to increase productivity, reduce operational costs and further improve an organization’s support model. ICS are responsible for a vast amount of critical processes necessitating organizations to adequately secure their infrastructure. Creating strong boundaries between business and process control networks can reduce the number of vulnerabilities and attack pathways that an intruder may exploit to gain unauthorized access into these critical systems.
This paper provides guidance to those organizations that must secure their ICS systems and networks through a defense-in-depth approach to security, achieved through the identification of key security patterns and controls that apply to critical information security domains. The goal is a visual explanation that allows stakeholders to understand how to reduce information risk while preserving the confidentiality, integrity and availability of critical infrastructure resources in the industrial control environment.
Special Thanks❤️😇👍🏽🙏
SANS Institute
SANS Technology Institute
SANS ICS
SANS Cyber Academy
SANS Cyber Defense
-Secure Business Continuity-
2024.07.26
——————————————————
#CyberSecurity #SANS #Malware #secure
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_secure-architecture-ics-2024-activity-7222565272119873538-hekE?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
A Security Operations Center (SOC) is a centralized function within an organization employing people, processes, and technology to continuously monitor and improve an organization's security posture while preventing, detecting, analyzing, and responding to cybersecurity incidents.
A SOC acts like the hub or central command post, taking in telemetry from across an organization's IT infrastructure, including its networks, devices, appliances, and information stores, wherever those assets reside. The proliferation of advanced threats places a premium on collecting context from diverse sources. Essentially, the SOC is the correlation point for every event logged within the organization that is being monitored. For each of these events, the SOC must decide how they will be managed and acted upon.
10 key functions performed by the SOC:
1. Take Stock of Available Resources
How The SOC Protects
The SOC should also have a complete understanding of all cybersecurity tools on hand and all workflows in use within the SOC. This increases agility and allows the SOC to run at peak efficiency.
2. Preparation and Preventative Maintenance
Preparation
Preventative Maintenance
3. Continuous Proactive Monitoring
4. Alert Ranking and Management
5. Threat Response
These are the actions most people think of when they think of the SOC. As soon as an incident is confirmed, the SOC acts as first responder, performing actions like shutting down or isolating endpoints, terminating harmful processes (or preventing them from executing), deleting files, and more. The goal is to respond to the extent necessary while having as small an impact on business continuity as possible.
6. Recovery and Remediation
7. Log Management
8. Root Cause Investigation
9. Security Refinement and Improvement
Cybercriminals are constantly refining their tools and tactics—and in order to stay ahead of them, the SOC needs to implement improvements on a continuous basis. During this step, the plans outlined in the Security Road Map come to life, but this refinement can also include hands-on practices such as red-teaming and purple-teaming.
10. Compliance Management
Many of the SOC’s processes are guided by established best practices, but some are governed by compliance requirements. The SOC is responsible for regularly auditing their systems to ensure compliance with such regulations, which may be issued by their organization, by their industry, or by governing bodies. Examples of these regulations include GDPR, HIPAA, and PCI DSS. Acting in accordance with these regulations not only helps safeguard the sensitive data that the company has been entrusted with—it can also shield the organization from reputational damage and legal challenges resulting from a breach.
Special Thanks❤️😇👍🏽🙏
Trellix
-Secure Business Continuity-
2024.09.25
——————————————————
#CyberSecurity #SOC #CSIRT #ASM #TTP #IR #vCISO
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-cybersecurity-soc-activity-7244670207393157120-Wv21?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
The Importance of Industrial Cybersecurity
As enterprises invest heavily in digital transformation, industrial cybersecurity will increasingly serve as a critical enabler for safely and securely advancing business goals through technological innovation.
Advancing connectivity and digitalization of operational technology (OT) provides significant benefits to the business, including:
• increased automation,
• improved process efficiency,
• better asset utilization, and
• enhanced telemetry of machinery for business forecasting and equipment maintainability.
But when the cyber risks of this connectivity aren’t addressed in tandem with innovation, the benefits can be diminished by heightened impact from security incidents.
The previous year offered up dramatic examples of the types of critical infrastructure risks that are exacerbated by the absence of effective OT cybersecurity preparation. The industrial world has seen electric power plants at risk from vulnerable information technology (IT) remote administration tools, and disruptive cyber attacks against water treatment facilities and natural gas pipelines.
This is a pivotal time for boards of directors and their executive teams— led by guidance from CISOs and risk executives—to start aligning appropriate risk management with operational innovation.
Special Thanks❤️😇👍🏽🙏
-Secure Business Continuity-
2024.09.21
——————————————————
#CyberSecurity #IIOT #OT #ICS
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_industrial-cybersecurity-4-ce0ciso-activity-7243155703085838336-IK90?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
🔐 Introducing Diyako Secure Bow:
At DSB Co, we provide specialized and advanced cybersecurity services, helping businesses protect themselves against emerging and complex cyber threats.
💡Our Main Service:
VCISO (CISO as a Service)
DSB Co is a leader in cybersecurity, offering VCISO (Chief Information Security Officer as a Service). This service provides organizations with an efficient solution to manage and optimize their cybersecurity strategies without the need to hire a full-time CISO.
🔧 VCISO Sub-services:
1. Cybersecurity Strategy Development and Implementation: We design and implement tailored cybersecurity strategies to meet the unique needs of your organization.
2. Risk Assessment and Management: Identifying and assessing security risks, and offering solutions to mitigate these threats.
3. Continuous Cybersecurity Monitoring and Improvement: Ongoing monitoring of activities and systems to ensure security measures are updated and optimized.
4. Employee Training and Awareness: Providing cybersecurity training to staff to reduce human-related risks.
5. Consulting on Security Technology Selection and Implementation: Guidance and support in selecting and implementing the best security tools.
🌐 Why Diyako Secure Bow
With our team of experienced professionals and consultants, we guarantee the highest level of information security and provide practical, effective solutions for managing your organization's cybersecurity.
+😇With nearly two decades of experience, a team of professionals holding internationally recognized certifications, and proven expertise in enterprise-level projects🙏❤️
-Secure Business Continuity-
2024.09.15
——————————————————
#vCISO #CISO #CyberSecurity #InformationSecurity
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyako-secure-bow-en-resume-activity-7240967137840840704-In_X?utm_source=share&utm_medium=member_ios
Research
Unveiling Mac Security:
A Comprehensive Exploration of Sandboxing and AppData TCC 2024.
https://github.com/guluisacat/MySlides/tree/main/BlackHatUSA2024_KCon2024
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.09.09
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Why national cybersecurity authorities would request the information in the proposed Cyber Incident Reporting Form:
In defining which entities should be covered by a reporting mandate, NCAs may wish to consider a variety of factors. Whether an entity is part of critical infrastructure, as defined by national cybersecurity strategies or other foundational policy documents, should be a primary area of consideration. Additionally, NCAs should consider the size of the entity and their ability to access and implement cybersecurity best practices. Determination of the scope of reporting mandates should be done in consultation with relevant industry leaders and sector-specific government regulators; governments may also benefit from broad public consultation to best scope the mandate. Governments should also send clear signals that they welcome voluntary reporting from non-covered entities and indicate how to make such voluntary reports.
Consistent with this approach, we offer one possible definition of a covered entity: A covered entity is an entity that owns or operates an information technology (IT), operational technology (OT), other digital system, or social media account in one or more of the critical sectors defined by the published national cybersecurity strategy and has:
● More than 50 employees,
● More than 1,000 customers, or
● Revenues greater than a nationally relevant threshold.
Beyond the definition, ensuring that every organization knows whether or not it is a covered entity is a challenge. National cybersecurity authorities, ideally in collaboration with sector-specific government entities, should implement broad awareness campaigns among business leaders and relevant trade councils to inform as many organizations as possible about their reporting obligations. Further, some organizations may ask the government to provide them with guidance about whether they are a covered entity, so NCAs should be prepared to handle such inquiries.
Special Thanks❤️😇👍🏽🙏
Cyber Threat Alliance
Institute for Security and Technology (IST)
Chainalysis
@Ciphertrace
CREST
CYBERA
Cybercrime Support Network
CyberPeace Institute
-Secure Business Continuity-
2024.08.31
——————————————————
#NSA #CISA #SANS #Incident
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_cyber-incident-reporting-activity-7235575598163648512-PlbE?utm_source=share&utm_medium=member_ios
Techbook
Sec code review
Clean Code Fundamentals:
Hands-on Guide to Understand the Fundamentals of Software Craftsmanship and Clean Code in Java 2024.
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.08.26
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Red Team Tactics
Windows API for Red Team 2024.
Special Thanks❤️😇👍🏽🙏
Joas A Santos
-Secure Business Continuity-
2024.08.20
——————————————————
#CyberSecurity #APISecurity #WAF #Fortinet
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_api-protection-2024-activity-7231495563672748033-lrDV?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Cybercriminals and attackers have become so creative in their methods that they have started hiding data in the volatile memory of systems. In this article we are going to gain a better understanding of live memory acquisition and its forensic analysis. Live memory acquisition is a method used to collect data when a system is found in an active state at the scene of the crime. Memory forensics is a division of digital forensics that emphasizes extracting artefacts from the volatile memory of a compromised system. This domain is rapidly spreading in cybercrime investigations, mainly because certain artefacts can be extracted only from system memory and cannot be found anywhere else. Analysing memory after capturing the RAM is extremely important when it comes to collecting information on ports that were in use, the number of processes running, and the paths of certain executables on the system while carrying out the investigation.
The Volatility Framework is one such memory analysis tool; it works on the command line on Windows and Linux systems. Volatility Workbench is a GUI version of the same tool for analysing the artefacts from a memory dump. It is free of cost, open source, and runs on the Windows operating system.
Special Thanks❤️😇👍🏽🙏
IgniteTech Infotech
IgniteTech
@hackingarticles
-Secure Business Continuity-
2024.08.09
——————————————————
#CyberSecurity #Dumlp #Forensic #CHFI
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_memory-forensic-2024-activity-7227645320313110529-sGoK?utm_source=share&utm_medium=member_ios
-Cyber Security awareness-
Up2date 4 Defence Today,
Secure Tomorrow
@CisoasaService
2024.08.02
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
CYBERSECURITY ADVISORY
Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
Alert Code AA21-200
Summary
This Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information on a Chinese Advanced Persistent Threat (APT) group known in open-source reporting as APT40. This advisory provides APT40’s tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help cybersecurity practitioners identify and remediate APT40 intrusions and established footholds.
APT40—aka BRONZE MOHAWK, FEVERDREAM, G0065, Gadolinium, GreenCrash, Hellsing, Kryptonite Panda, Leviathan, MUDCARP, Periscope, Temp.Periscope, and Temp.Jumper—is located in Haikou, Hainan Province, People’s Republic of China (PRC), and has been active since at least 2009. APT40 has targeted governmental organizations, companies, and universities in a wide range of industries—including biomedical, robotics, and maritime research—across the United States, Canada, Europe, the Middle East, and the South China Sea area, as well as industries included in China’s Belt and Road Initiative.
On July 19, 2021, the U.S. Department of Justice (DOJ) unsealed an indictment against four APT40 cyber actors for their illicit computer network exploitation (CNE) activities via front company Hainan Xiandun Technology Development Company (Hainan Xiandun). Hainan Xiandun employee Wu Shurong cooperated with and carried out orders from PRC Ministry of State Security (MSS) Hainan State Security Department (HSSD) intelligence officers Ding Xiaoyang, Zhu Yunmin, and Cheng Qingmin to conduct CNE. Wu’s CNE activities resulted in the theft of trade secrets, intellectual property, and other high-value information from companies and organizations in the United States and abroad, as well as from multiple foreign governments. These MSS-affiliated actors targeted victims in the following industries: academia, aerospace/aviation, biomedical, defense industrial base, education, government, healthcare, manufacturing, maritime, research institutes, and transportation (rail and shipping).
Click here for a PDF version of this report.
https://lnkd.in/dVQDgJHU
https://lnkd.in/d4fd2xtZ
Special Thanks❤️😇👍🏽🙏
CISA Alumni Group
Cybersecurity and Infrastructure Security Agency
-Secure Business Continuity-
2024.07.31
——————————————————
#CyberSecurity #MitreAttack #Chain #RiskManagement
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_tactics-techniques-and-procedures-of-indicted-activity-7224365338149154816-M6hk?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Techbook
WebApp Security
Web Application Security:
Exploitation and Countermeasures for Modern Web Applications 2024.
Special Thanks❤️😇👍🏽🙏
👇🏻
/channel/CISOasaService/15265
/channel/cissp/7549
-Secure Business Continuity-
2024.07.30
——————————————————
#CyberSecurity #webapp #OWASP #secure
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_ciso-as-a-service-activity-7223828052303085568-IsKd?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Promoting Support for Women's Menstrual Health in the Workplace: At Diyako Secure Bow we are proud to announce that, in addition to the legal leave, we have decided to grant one full day of paid leave per month for women during their menstrual cycle. This initiative aims to enhance organizational culture and support the physical and mental well-being of our female colleagues.
Why Have We Made This Decision?
Supporting Women's Health: Menstruation can be accompanied by physical and emotional discomfort.
Providing additional leave allows women to rest and take care of themselves.
Increasing Productivity: Adequate rest and attention to personal health improve overall productivity and performance.
Creating a Supportive Work Environment: With this initiative, we strive to create a supportive and understanding work environment for all our colleagues.
Call to Action
We invite other companies and organizations to consider the specific needs of their employees and promote a culture of health and well-being in the workplace. We believe that fostering such a culture benefits not only the employees but the entire organization.
Let's take a positive step together to support female colleagues and enhance organizational culture.
Best regards,
Alireza Ghahrood
Founder, vCISO
-Secure Business Continuity-
2024.07.27
——————————————————
#WomensHealth #OrganizationalSupport #CompanyCulture #CyberSecurity
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_diyakosecurebow-womenshealth-organizationalsupport-activity-7222816726768373760-8vmD?utm_source=share&utm_medium=member_ios
#DiyakoSecureBow
————————————
CISO as A Service (vCISO)
Exploring Infostealer Malware Techniques on Automotive Head Units:
Automotive vehicles have become exponentially more computerized in the last decade, and automakers continue to add new functionality and integrations to these systems. While most research focuses on the safety features of autonomous and semi-autonomous vehicle capabilities, there is little research regarding the data collected by these systems and whether this data is of interest to threat actors.
By exploring exposed data, pivot points, and user impact, automakers and drivers can benefit from understanding how they can better protect themselves from unwanted data exposure and potential malware.
The research conducted focuses on threat modeling a sampled Android-based infotainment system, ascertaining what data could be of interest to a financially motivated threat actor, and identifying techniques to demonstrate impact.
Special Thanks❤️😇👍🏽🙏
Daniel Mazzella, dmazzella5@gmail.com
Lee Crognale
-Secure Business Continuity-
2024.07.23
——————————————————
#CyberSecurity #Malware #Techniques #Infostealer
#SecureBusinessContinuity
https://www.linkedin.com/posts/diyako-secure-bow_malware-techniques-2024-activity-7221395069918990336-X6bU?utm_source=share&utm_medium=member_ios