Archive for the ‘Cyber Threats’ Category

FBI: Hackers stole source code from US government agencies and private companies

FBI blames intrusions on improperly configured SonarQube source code management tools. FBI officials say that threat actors have abused these misconfigurations to access SonarQube instances, pivot to the connected source code repositories, and then access and steal proprietary or private/sensitive applications. Officials provided two examples of past incidents: “In August 2020, unknown threat actors leaked […]

Leave a Comment

Spotting a Common Scam

Spotting a Common Scam  These scams seek to collect personal information about you, often appearing to come from a real business or agency. Someone may pose as an official disaster aid worker, or send you a fraudulent COVID contact tracing email. If you receive a message with a link, you should not click it as it may download malware to your device to […]

Leave a Comment

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded. The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of […]

Leave a Comment

Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet

Academics record light variations in a light bulb to recover the sound waves (speech, conversations, songs) from a room 25 meters (80 feet) away. Source: Lamphone attack lets threat actors recover conversations from your light bulb | ZDNet Download a Security Risk Assessment steps paper! Download a vCISO template Subscribe to DISC InfoSec blog by […]

Leave a Comment

Threat Simulation Overview and Setup – Active Countermeasures

Intro: No software project is complete without testing. In this blog series, we’ll cover how to test if your Threat Hunting platform can detect common threats.[…] Source: Threat Simulation Overview and Setup – Active Countermeasures Why You Need Threat Hunting! Cyber Threat Hunting: Identify and Hunt Down Intruders Real-Time Threat Hunting – SANS Threat Hunting […]

Leave a Comment

Global Threat Detection Report

2019 Global Threat Detection Report 2019 Global Threat Detection Report via CrowdStrike The best practice guide for an effective infoSec function Practice Guide Open a PDF file 2019 Global Threat Detection Report. 2019 Global Threat Report- The 1-10-60 Rule World Economic Forum Global Risks Report 2019 “Threat Detection & Prevention” appliances Subscribe to DISC InfoSec […]

Leave a Comment

What is Cyber Threat Intelligence

What is Cyber Threat Intelligence and How is it used?     Threat Intelligence At Microsoft: A Look Inside – Cyber Threat Intelligence Summit   Security Threat Tables Threat Table Threats List Security Alert Security Exploits Cyber Alert Security Risks Security Vulnerability WebApp Vulnerability Symantec Security Response Microsoft Security Response   Live Cyber Attack Threat Map World’s […]

Leave a Comment

Microsoft renewed its Attack Surface Analyzer, version 2.0 is online

Microsoft has renewed its Attack Surface Analyzer tool (version 2.0) to take advantage of modern, cross-platform technologies. Source: Microsoft renewed its Attack Surface Analyzer, version 2.0 is online  Subscribe in a reader

Leave a Comment