Apr 24 2019

Social Engineering Red Flags

Category: social engineeringDISC @ 10:02 pm

Social Engineering Red Flags




22 Social Engineering Red Flags

We recommend EVERYONE to review the 22 social engineering red flags to watch out for in any email. It might be a good idea to print out this PDF and pass it along to family, friends, and coworkers. Remember to always think before you click!



[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/22RedFlags.pdf”]




 Subscribe in a reader

Apr 23 2019

The best antivirus software of 2019

Category: AntivirusDISC @ 12:32 pm

The best antivirus software of 2019

Source: The best antivirus software of 2019


 Subscribe in a reader

Apr 23 2019

Ten Must-Have CISO Skills

Category: CISODISC @ 10:23 am

Source: Ten Must-Have CISO Skills – By Darren Death

  • Recommended titles for CISO
  • CISO’s Library
  • CISOs and the Quest for Cybersecurity Metrics Fit for Business

    •  

     

    CISO should have answers to these questions before meeting with the senior management.

    • What are the top risks
    • Do we have inventory of critical InfoSec assets
    • What leading InfoSec standards and regulations apply to us
    • Are we conducting InfoSec risk assessment
    • Do we have risk treatment register
    • Are we testing controls, including DR/BCP plans
    • How do we measure compliance with security controls
    • Do we have data breach response plan
    • How often we conduct InfoSec awareness
    • Do we need or have enough cyber insurance
    • Is security budget appropriate to current threats
    •  Do we have visibility to critical network/systems
    • Are vendor risks part of our risk register


     Subscribe in a reader

    Apr 21 2019

    Stuxnet Malware Analysis

    Category: MalwareDISC @ 6:15 pm

    Stuxnet Malware Analysis By Amr Thabet


     Subscribe in a reader

    Tags: advanced malware, Advanced persistent threat, Stuxnet

    Apr 20 2019

    Every Linux Networking Tool

    Category: Network security,Security ToolsDISC @ 4:31 pm

    Every Linux Networking Tool – By Julia Evans

    No alt text provided for this image


     Subscribe in a reader

    Tags: Hacker (computer security), Linux Networking Tool, Network tools, security tools

    Apr 19 2019

    Malware Analysis

    Category: MalwareDISC @ 12:17 pm

    Malware Analysis

     

     
    Introduction to Malware Analysis | SANS Lenny Zeltser

     
    Five Awesome Tools to perform Behavioural Analysis of Malware


     Subscribe in a reader

    Tags: complex malware, Malware, malware 2.0

    Apr 18 2019

    What CISO does for a living

    Category: CISODISC @ 9:14 am

    What CISO does for a living by Louis Botha

    It’s based on the CISO mindmap by Rafeeq Rehman, updated for 2018 and adding the less technical competencies

    [pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/CISO-does-for-living.pdf” title=”CISO does for living”]

    Download of What CISO does for a living (pdf)

    CISO MindMap 2018 – What Do InfoSec Professionals Really Do?

     

     

     

    CISO should have answers to these questions before meeting with the senior management.

    • What are the top risks
    • Do we have inventory of critical InfoSec assets
    • What leading InfoSec standards and regulations apply to us
    • Are we conducting InfoSec risk assessment
    • Do we have risk treatment register
    • Are we testing controls, including DR/BCP plans
    • How do we measure compliance with security controls
    • Do we have data breach response plan
    • How often we conduct InfoSec awareness
    • Do we need or have enough cyber insurance
    • Is security budget appropriate to current threats
    •  Do we have visibility to critical network/systems
    • Are vendor risks part of our risk register


     Subscribe in a reader

    Tags: Chief Information Security Officer, CISO

    Apr 17 2019

    Two-factor authentication: A cheat sheet

    Category: 2FA,Cheat SheetDISC @ 10:55 am

    A password alone will not protect sensitive information from hackers–two-factor authentication is also necessary. Here’s what security pros and users need to know about two-factor authentication.

    Source: Two-factor authentication: A cheat sheet



     Subscribe in a reader

    Tags: 2FA, two factor auth

    Apr 16 2019

    Google’s location history data shared routinely with police

    Category: Information PrivacyDISC @ 2:18 pm

    Law enforcement officials in the US have been routinely mining Google’s location history data for criminal investigations.

    Source: Google’s location history data shared routinely with police

     Subscribe in a reader

    Apr 15 2019

    Hackers could read non-corporate Outlook.com, Hotmail for six months

    Category: Email SecurityDISC @ 7:42 pm

    Hackers and Microsoft seem to disagree on key details of the hack.

    Source: Hackers could read non-corporate Outlook.com, Hotmail for six months

    Enter your email address:

    Delivered by FeedBurner

     Subscribe in a reader

    Apr 15 2019

    Internet Explorer flaw leaves Windows users vulnerable to hackers — even those who don’t use the browser

    Category: Web SecurityDISC @ 11:24 am

    A zero-day exploit found in Internet Explorer means hackers could steal files from Windows users. What’s particularly interesting about this security flaw is that you don’t even need to…

    Source: Internet Explorer flaw leaves Windows users vulnerable to hackers — even those who don’t use the browser


    Enter your email address:

    Delivered by FeedBurner

    Apr 14 2019

    Insider Threat Report

    Category: Insider ThreatDISC @ 3:29 pm

    Insider Threat Report – Out of sight should never be out of mind


    Tags: Insider Threat Report

    Apr 13 2019

    Anatomy of a spearphishing attack

    Category: PhishingDISC @ 2:12 pm

    Anatomy of a spear phishing attack

    You may be wondering what it takes to send this type of attack. This is not trivial, and can only be done by someone trained in advanced hacking techniques. We will first take a look at the steps required to send an attack, and then we’ll look at steps to mitigate this threat. For the (simplified) attack steps we am freely borrowing from a great blog post by Brandon McCann, a well-known pentester.

    Image result for spear phishing attack


    Enter your email address:

    Delivered by FeedBurner

    Apr 12 2019

    ‘Dragonblood’ Flaw In WPA3 Lets Hackers Easily Grab Your Wi-Fi Passwords

    Category: Wi-Fi SecurityDISC @ 2:55 pm

    In a research paper titled Dragonblood, published by security researchers Mathy Vanhoef and Eyal Ronen, it has been revealed that WPA3’s secure handshake called Simultaneous Authentication of Equals (SAE), commonly known as Dragonfly, is affected by password partitioning attacks.

    Source: ‘Dragonblood’ Flaw In WPA3 Lets Hackers Easily Grab Your Wi-Fi Passwords

    Artist's impression of wireless hackers in your computer.

    Serious flaws leave WPA3 vulnerable to hacks that steal Wi-Fi passwords


    Multiple Vulnerabilities in WPA3 Protocol


    Enter your email address:

    Delivered by FeedBurner

    Tags: Wi-Fi security, WPA3

    Apr 11 2019

    Half of security pros would rather walk barefoot in a public restroom than use public Wi-Fi

    Category: Wi-Fi SecurityDISC @ 2:06 pm

    Public Wi-Fi is rife with security risks, and cybersecurity professionals aren’t taking any chances, according to a Lastline report.

    Source: Half of security pros would rather walk barefoot in a public restroom than use public Wi-Fi

    05 public wifi wi-fi


    Enter your email address:

    Delivered by FeedBurner

    Tags: Information Privacy, PII security, Wi-Fi, wireless network security

    Apr 10 2019

    How to achieve cyber resilience in 7 steps

    Category: Cyber resilienceDISC @ 5:28 pm

    [pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/04/Cyber-Resilience-in-7-Steps.pdf” title=”Cyber Resilience in 7 Steps”]

     

  • Cyber Resiliency Metrics | MITRE


    • Enter your email address:

    Delivered by FeedBurner

    Apr 09 2019

    LimeRAT spreads in the wild

    Category: MalwareDISC @ 3:58 pm

    Cybaze-Yoroi ZLab team spotted an interesting infection chain leveraging several techniques able to defeat traditional security defences and spread LimeRAT.

    Source: LimeRAT spreads in the wild

  • 2019 State of Malware | MalwareByte Labs


    • Enter your email address:

    Delivered by FeedBurner

    Apr 08 2019

    Information Security Policy Templates

    Category: Security policyDISC @ 9:04 pm

    SANS offers 27 free #cybersecurity policy templates to help your organization develop and implement #infosec policies.

    Free information security policy templates courtesy of the SANS Institute, Michele D. Guel, and other information security leaders.

    Source: SANS Information Security Policy Templates


    Enter your email address:

    Delivered by FeedBurner

    Tags: InfoSec Policies, InfoSec Policy

    Apr 08 2019

    How to protect your business from tax fraud

    Category: Identity TheftDISC @ 10:45 am

    With the April 15th filing deadline around the corner, cybercriminals are counting on a rushed response to questions to infect potential victims.

    Source: How to protect your business from tax fraud


    Enter your email address:

    Delivered by FeedBurner

    Tags: tax fraud, tax scam

    Apr 06 2019

    Metasploit Cheat Sheet

    Category: Cheat Sheet,Security ToolsDISC @ 4:59 pm

    Metasploit Cheat Sheet by TerrorByte


    Enter your email address:

    Delivered by FeedBurner

    « Previous PageNext Page »