OSI in a Cyber Security Breakdown
This is a good breakdown and linking of hacking techniques. This can and will relate to MITRE attack frames and OWASP.
Chinese hackers targeted sanctions office in Treasury attack
Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. OFAC was created in…
US shares tips to block hackers behind recent telecom breaches
CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group CISA released guidance today to help network defenders harden…
What is OAuth?
OAuth, short for Open Authorization, is an open standard protocol used for secure authorization. It allows users to grant third-party applications limited access to their resources without sharing their credentials,…
What is Defense In Depth?
“Defense in depth” (DiD) is a cyber security strategy that uses multiple security products and practices to safeguard an organization’s network, web properties, and resources. It is sometimes used interchangeably…
What is an insider threat?
An insider threat is a security risk posed by an employee, former employee, contractor, or vendor. Insider threats can result in fines, reputational damage, and loss of intellectual property. What…
What is a RSA Tolken Keyfob?
An RSA token keyfob, often called an RSA SecurID token, is a hardware device used for two-factor authentication (2FA). Here’s how it works: The RSA token keyfob is a small,…
What are indicators of compromise (IoC)?
Indicators of compromise (IoC) are evidence left behind by an attacker or malicious software that can be used to identify a security incident. What are indicators of compromise (IoC)? Indicators…
US says Chinese hackers breached multiple telecom providers
The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. The breached entities have been…
Over 6,000 WordPress hacked to install plugins pushing infostealers
WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing malware has become…