Some notes and reflections on the Terminator threat Throughout the week, a tool called «Terminator» has been discussed in the media, which woul... 2023-6-2 17:16:55 | 阅读: 3 | 收藏 | Tarlogic Security - www.tarlogic.com terminator microsoft security malicious byovd

Why does your company need ransomware simulations? 1. Ransomware attacks, a hazardous scenario2. What are ransomware simulations?2.1. Which compa... 2023-5-30 15:36:13 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com ransomware simulations defensive resilience security

CVE-2023-2825: Critical vulnerability affects Gitlab Information about a new critical vulnerability affecting Gitlab software has been disclosed. Th... 2023-5-30 15:21:53 | 阅读: 12 | 收藏 | Tarlogic Security - www.tarlogic.com gitlab 2825 software urgently attachment

DNS Water Torture: how not to drown in this tsunami of requests 1. Understanding the domain name system2. The lifetime of a DNS record3. DNS Water Torture4. D... 2023-5-24 23:54:43 | 阅读: 3 | 收藏 | Tarlogic Security - www.tarlogic.com water torture victim attackers

CVE-2023-32233: Privilage escalation in Linux Kernel due to a Netfilter nf_tables vulnerability Recently, a user-after-free vulnerability (CVE-2023-32233) has been published that would allow... 2023-5-18 18:47:33 | 阅读: 23 | 收藏 | Tarlogic Security - www.tarlogic.com 32233 netfilter sysctl userns

CVE-2023-27363: Proof of concept for remote code execution in Foxit Reader Following the initial announcement of a critical vulnerability (CVE-2023-27363) which allows re... 2023-5-15 21:54:47 | 阅读: 38 | 收藏 | Tarlogic Security - www.tarlogic.com foxit 27363 github software cpath

EPSS: What is the probability of a vulnerability being exploited? 1. What is EPSS?1.1. Incorporation of up-to-date, real-world information1.2. A model to automa... 2023-5-15 21:14:53 | 阅读: 14 | 收藏 | Tarlogic Security - www.tarlogic.com epss exploited indicator probability

Attack Path Management: Securing the Active Directory 1. Active Directory: Essential for businesses and a target for bad guys1.1. Why is AD an attra... 2023-5-10 22:58:16 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com network security routes malicious

The 10 Keys to Ransomware as a Service 1. Ransomware, the great threat of this era2. What is Ransomware as a Service?2.1. Developers2... 2023-4-27 14:50:33 | 阅读: 8 | 收藏 | Tarlogic Security - www.tarlogic.com ransomware attackers criminal affiliates malicious

The 6 keys to threat modeling 1. What is threat modeling?1.1. Elements1.2. Find answers to 4 basic questions2. Objectives of... 2023-4-17 23:9:45 | 阅读: 7 | 收藏 | Tarlogic Security - www.tarlogic.com modeling threats security software objectives

4 key differences between Pentesting and Red Team 1. Pentesting: Meeting predefined objectives2. Red Team: Improving resilience to attacks3. The... 2023-4-11 23:28:17 | 阅读: 5 | 收藏 | Tarlogic Security - www.tarlogic.com security objectives

Blue Team, proactive defence against threats Blue Team proactively looks for threats that could put an organisation’s assets at risk and in... 2023-4-4 19:18:23 | 阅读: 4 | 收藏 | Tarlogic Security - www.tarlogic.com security defensive threats objectives

Cyber Kill Chain. Dissecting the 7 phases of a targeted cyber attack 1. The origin of the Cyber Kill Chain: from military to virtual2. Combating advanced persisten... 2023-3-29 19:3:35 | 阅读: 8 | 收藏 | Tarlogic Security - www.tarlogic.com security threats phases guys malicious

Fancy Bear and where to find them Who is Fancy Bear?Malware and TTPsDeveloped queriesTA0002: ExecutionTA0003: PersistenceTA0004:... 2023-3-28 19:49:44 | 阅读: 5 | 收藏 | Tarlogic Security - www.tarlogic.com fancy bear microsoft windows marzo

NIST and secure software development Why use the Secure Software Development Framework?2. Best practices to achieve results2.1. Pre... 2023-3-22 18:47:11 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com software development security

OWASP SCVS: Reducing Risks in the Software Supply Chain 1. What is OWASP SCVS?2. Verification levels of software components2.1. Designing a strategy t... 2023-3-15 22:40:58 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com software scvs security

BlueTrust, goodbye to Bluetooth privacy BlueTrust and protocol security flawsBluetoothBIAS and KNOBHow we got to BlueTrustConclusions... 2023-3-8 20:52:16 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com security bias bluetrust firmware

Improving APT resilience A general approach to accelerating APT defensive capabilitiesA particular approach to comp... 2023-3-6 20:55:8 | 阅读: 6 | 收藏 | Tarlogic Security - www.tarlogic.com defensive resilience agreed apts malicious

CIS Controls Implementation Groups: How to protect enterprises 1. Digitalization and cybersecurity2. SMEs, the target of cyberattacks3. CIS Controls Implemen... 2023-2-28 19:44:46 | 阅读: 8 | 收藏 | Tarlogic Security - www.tarlogic.com security safeguards sized smes

Supply chain attacks: When the bad guys attack from behind 1. What are supply chain attacks?1.1. Attacking library vulnerabilities1.1.1. Log4Shell, a par... 2023-2-22 16:23:29 | 阅读: 10 | 收藏 | Tarlogic Security - www.tarlogic.com software security lifecycle