Threat Intelligence with MISP: Part 1 – Setting up MISP with Docker

by
This entry is part 18 of 23 in the series Threat Detection Engineering

Views: 61Step-by-Step Guide to Install MISP Using Docker on Ubuntu In this guide, we will walk through the steps to install the MISP (Malware Information Sharing Platform) using Docker on an Ubuntu server. Prerequisites Before we begin, make sure your system meets the following requirements: Step 1: Update Your Server and Install Docker First, ensure … Read more

Yara

by
This entry is part 17 of 23 in the series Threat Detection Engineering

Views: 30“The pattern matching swiss knife for malware researchers (and everyone else)”  Useful Yara Resources Various Github repositories provide a wealth of examples of YARA, https://github.com/Yara-Rules/rules/tree/master/malware https://github.com/mikesxrs/Open-Source-YARA-rules/tree/masterUseful Yara Rules Repositories The DFIR Report” shares YARA rules derived from their investigations, https://github.com/The-DFIR-Report/Yara-RulesYara DFIR Report YARA in a nutshell YARA is a tool aimed at (but not limited … Read more

Web Attacks

by
This entry is part 3 of 4 in the series Offensive Testing Enterprise Networks

Views: 12Enumeration & Brute Force Authentication enumeration is a fundamental aspect of security testing, concentrating specifically on the mechanisms that protect sensitive aspects of web applications; this process involves methodically inspecting various authentication components ranging from username validation to password policies and session management. Each of these elements is meticulously tested because they represent potential … Read more

NIST Cybersecurity Framework (CSF) and ISO/IEC 27001

by
close up view of system hacking
This entry is part 2 of 3 in the series Cyber Security Frameworks

Views: 3NIST Cybersecurity Framework (CSF) and ISO/IEC 27001 NIST CSF Functions and Categories to ISO/IEC 27001 Annex A Controls Identify (ID) Protect (PR) Detect (DE) Respond (RS) Recover (RC) NIST SP 800-53 to ISO/IEC 27001 Annex A Controls Access Control (AC) Awareness and Training (AT) Audit and Accountability (AU) Security Assessment and Authorization (CA) Configuration … Read more

Digital Operational Resilience Act (DORA)

by
close up view of system hacking
This entry is part 3 of 3 in the series Cyber Security Frameworks

Views: 17Understanding the Digital Operational Resilience Act (DORA): A Comprehensive Overview In an era where digitalization permeates every aspect of our lives, the importance of cybersecurity and operational resilience has never been more critical. The European Union’s Digital Operational Resilience Act (DORA) stands as a landmark regulatory framework aimed at enhancing the digital operational resilience … Read more

CTI_June2024: Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution

by

Views: 12SOURCE: MS-ISAC TLP:CLEARMS-ISAC CYBERSECURITY ADVISORY MS-ISAC ADVISORY NUMBER:2024-074 DATE(S) ISSUED:06/25/2024 SUBJECT:Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution OVERVIEW:Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged … Read more