Cyber Security Leituras, traduções e links
Thursday, April 11, 2024
SOC 1
Sunday, March 17, 2024
Prevent outsiders from using these Google dorks against your web systems
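Modify the robots.txt file on your server as follows. Note that robots.txt is advisory: compliant crawlers honor it, but it does not restrict access to the listed paths, and the file itself is publicly readable.
• Prevent indexing by Google by adding the following directives: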
User-agent: Googlebot
Disallow: /
• Prevent Google from indexing a specific file type by adding the following directives:
User-agent: Googlebot
Disallow: /*.sql$
• Prevent indexing of a given folder by adding the following directives:
User-agent: Googlebot
Disallow: /directoryName/
• Prevent indexing by other search engines by adding the following directives:
User-agent: *
Disallow: /
These are all very basic (but feasible) attacks. Now that you have learned how to set up
the basics of web security, it's time to move on to the next step and learn about the most
common attacks on web applications.
Anatomy of a Cybersecurity ODM for Threat and Vulnerability Management (TVM)
Focus on Outcomes: Outcome-Driven Metrics in Threat & Vulnerability Management
Traditional security strategies often focus on activity metrics, like the number of vulnerabilities detected or alerts triggered. But what truly matters is the outcome: are we effectively preventing breaches and minimizing damage?
Outcome-Driven Metrics (ODM) in Threat and Vulnerability Management (TVM) shift the focus to measuring the effectiveness of security controls in achieving real-world results. Here's how:
- Prioritize vulnerabilities: ODM helps prioritize vulnerabilities based on their potential impact on the business, not just technical severity.
- Measure remediation effectiveness: Track how quickly and effectively vulnerabilities are patched or mitigated, not just the number of vulnerabilities identified.
- Reduce dwell time: Focus on metrics that show how quickly threats are detected and contained, minimizing the attacker's window of opportunity.
By adopting ODM in TVM, organizations can move beyond simply identifying threats to actively measuring the effectiveness of their security posture. This data-driven approach allows for better resource allocation and, ultimately, a more secure environment.
Unveiling Attacker Strategies: A Shift in the MITRE ATT&CK Landscape
The MITRE ATT&CK framework provides invaluable insights into attacker behavior. In the past, our defenses primarily focused on mitigating tactics like defense evasion and privilege escalation. This focus resulted in a large number of security rules and techniques dedicated to preventing these well-established attacker maneuvers.
However, the latest data reveals a shift in attacker tactics. This year, detections have spiked for tactics associated with the initial stages of an attack, such as initial access and execution. This suggests that attackers are increasingly focusing on establishing a foothold within systems and deploying malicious payloads.
This trend highlights the need for a multi-layered security approach. While maintaining strong defenses against traditional tactics like privilege escalation remains crucial, organizations must also invest in:
- Endpoint security solutions that can detect and prevent initial access attempts, such as phishing emails and malware downloads.
- Network segmentation strategies to limit the attacker's lateral movement within the network once they gain access.
- Continuous monitoring and threat hunting to identify suspicious activity in the early stages of an attack.
GDPR
You have control over your data! The GDPR gives you rights to access, rectify and erase your information. Learn more and ask us about your rights. #GDPR #Privacy
Wireshark course on UDEMY https://www.udemy.com/curso-profissional-sobre-wireshark/learn/v4/overview Filtering on flags...