Archive for the ‘Security Incident’ Category

Hackers use legit tool to take over Docker, Kubernetes platforms

In a recent attack, cybercrime group TeamTNT relied on a legitimate tool to avoid deploying malicious code on compromised cloud infrastructure and still have a good grip on it. Source: Hackers use legit tool to take over Docker, Kubernetes platforms Misusing tool of the trade Analyzing the attack, researchers at Intezer discovered that TeamTNT installed […]

Leave a Comment

U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert

The Cybersecurity and Infrastructure Security Agency (CISA) published an alert for Windows users to patch the¬†critical severity¬†Remote Desktop Services (RDS) RCE security flaw dubbed BlueKeep. Source: U.S. Govt Achieves BlueKeep Remote Code Execution, Issues Alert   How to check if a target is vulnerable to the new RDP vulnerability (BlueKeep). Enter your email address: Delivered […]

Leave a Comment

ISO 27001 Information Security Incident Management

Section 13 of Annex A handle information security incident management. One of the important thing to know about this section is the difference between an event and an incident. Information Securty Event: is an occurance of a system, service or netwrok state indicating a possible breach of information security policy or failure of safeguards. Informtaion […]

Leave a Comment

What Is a Security Incident and How to handle one

A security incident is a computer, network, or paper based activity which results (or may result) in misuse, damage, denial of service, compromise of integrity, or loss of confidentiality of a network, computer, application, or data; and threats, misrepresentations of identity, or harassment of or by individuals using these resources. Examples of incidents may include […]

Leave a Comment