Tag: framework
-
Navigating the Uncharted: A Framework for Attack Path Discovery
This is the second post in a series on Identity-Driven Offensive Tradecraft, which is also the focus of the new course we will launch in October. In t… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/navigating-the-uncharted-a-framework-for-attack-path-discovery/
-
Mitigating Risk in Linux: Strategies for IT Compliance
Implementing robust Linux security measures is fundamental to achieving IT compliance. Adherence to compliance frameworks and standards is essential f… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/mitigating-risk-in-linux-strategies-for-it-compliance/
-
Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework
Tags: frameworkThe last few years have seen more than a few new categories of security solutions arise in hopes of stemming a never-ending tidal wave of risks. One o… First seen on thehackernews.com Jump to article: thehackernews.com/2024/08/automated-security-validation-one-very.html
-
Implementing Identity Continuity With the NIST Cybersecurity Framework
First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/implementing-identity-continuity-with-nist-cybersecurity-framework
-
Researchers Proposed MME Framework To Enhance API Sequence-Based Malware Detection
Deep learning models analyzing API sequences for Windows malware detection face challenges due to evolving malware variants. A group of researchers re… First seen on gbhackers.com Jump to article: gbhackers.com/mme-framework-api-malware-detection/
-
USENIX Security ’23 Squirrel: A Scalable Secure Two-Party Computation Framework for Training Gradient Boosting Decision Tree
Authors/Presenters:Wen-jie Lu, Zhicong Huang, Qizhi Zhang, Yuchen Wang, Cheng Hong Many thanks to USENIX for publishing their outstanding USENIX Secur… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/usenix-security-23-squirrel-a-scalable-secure-two-party-computation-framework-for-training-gradient-boosting-decision-tree/
-
What Are 5 Top Cybersecurity Frameworks?
Many organizations must comply with a mixture of state-mandated, industry-specific, and international cybersecurity regulations. This includes, but is… First seen on itgovernanceusa.com Jump to article: www.itgovernanceusa.com/blog/top-4-cybersecurity-frameworks
-
CMMC Compliance: Customer and Shared Responsibility Matrix
CMMC is a familiar framework to any contractor working as part of the defense industrial base and handling any form of controlled unclassified informa… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/08/cmmc-compliance-customer-and-shared-responsibility-matrix/
-
Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool
The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework a… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/patchwork-hackers-target-bhutan-with.html
-
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named Specula… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/
-
Misconfigured Selenium Grid servers abused for Monero mining
Threat actors are exploiting a misconfiguration in Selenium Grid, a popular web app testing framework, to deploy a modified XMRig tool for mining Mone… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/misconfigured-selenium-grid-servers-abused-for-monero-mining/
-
Centraleyes Privacy Framework (CPF)
What is the CPF? The Centraleyes Privacy Framework (CPF) is a comprehensive compliance tool designed to help organizations adhere to the diverse priva… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/centraleyes-privacy-framework-cpf/
-
Chinese Hackers Using Shared Framework To Create Multi-Platform Malware
Shared frameworks are often prone to hackers’ abuses as they have been built into various applications, which offer a range of systems that can be exp… First seen on gbhackers.com Jump to article: gbhackers.com/chinese-hackers-shared-framework-malware/
-
USENIX Security ’23 Auditing Framework APIs via Inferred App-side Security Specifications
Authors/Presenters:Parjanya Vyas, Asim Waheed, Yousra Aafer, N. Asokan Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Pres… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/usenix-security-23-auditing-framework-apis-via-inferred-app-side-security-specifications/
-
Vulnerabilities in LangChain Gen AI Could Prompt Data Leak
Open-Source Company Issues Patches After Being Alerted by Palo Alto. A widely used generative artificial intelligence framework is vulnerable to a pro… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/vulnerabilities-in-langchain-gen-ai-could-prompt-data-leak-a-25844
-
ASP.NET Core Web Apps
Tags: frameworkSonar recently added new rules for ASP.NET WebAPI and ASP.NET MVC. In this blog post, we discuss the details of these frameworks within ASP.NET Core a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/asp-net-core-web-apps/
-
Eclypsium for Data Centers
Security frameworks and standards are increasingly emphasizing supply chain and firmware security, and for good reason. Attackers are actively targeti… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/eclypsium-for-data-centers/
-
TuxCare Answers Urgent Needs for Enterprises Facing Spring Framework End of Life
PALO ALTO, Calif. July XX, 2024 TuxCare, a global innovator in cybersecurity for Linux, today announced that its new Extended Lifecycle Support for Sp… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/tuxcare-answers-urgent-needs-for-enterprises-facing-spring-framework-end-of-life/
-
Firmware, Supply Chain, and Frameworks NIST SP 800-53
NIST Special Publication 800-53 rev 5, Security and Privacy Controls for Information Systems and Organizations, is one of the most important and influ… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/firmware-supply-chain-and-frameworks-nist-sp-800-53/
-
CodeSecDays 2024: A Deep Dive in Software Supply Chain Security
Explore key insights from CodeSecDays 2024 on software supply chain security. Learn about AI in DevSecOps, SLSA frameworks, developer-security collabo… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/codesecdays-2024-a-deep-dive-in-software-supply-chain-security/
-
Realm: Open-source adversary emulation framework
Realm is an open-source adversary emulation framework emphasizing scalability, reliability, and automation. It’s designed to handle engagements of any… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/15/realm-open-source-adversary-emulation-framework/
-
How to design a third-party risk management framework
Most organizations focus on securing routers, servers, firewalls, and other endpoints, but threats can also arise from unfamiliar sources such as thir… First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/07/12/tprm-framework/
-
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and S… First seen on thehackernews.com Jump to article: thehackernews.com/2024/07/israeli-entities-targeted-by.html
-
Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation
The Supreme Court’s striking down of the Chevron Doctrine will have a major effect on the determination and enforcement of cyber regulation in the US…. First seen on securityweek.com Jump to article: www.securityweek.com/supreme-court-ruling-threatens-the-framework-of-cybersecurity-regulation/
-
Compliance, Security and the Role of Identity
While compliance frameworks establish baseline requirements for data protection, they may not always align with the rapidly evolving threat landscape…. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/compliance-security-and-the-role-of-identity/
-
FedRAMP Launches New Framework for Emerging Technologies
Framework Sets Stage for Agencies to Increasingly Adopt New, Modern Tech Solutions. The Federal Risk Authorization Management Program unveiled a new f… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fedramp-launches-new-framework-for-emerging-technologies-a-25703
-
Google Introduces Project Naptime for AI-Powered Vulnerability Research
Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with… First seen on thehackernews.com Jump to article: thehackernews.com/2024/06/google-introduces-project-naptime-for.html
-
RBI Guidelines for Cyber Security Framework
The banking sector faces an ever-evolving landscape of cyber threats, making robust cybersecurity measures a top priority. The Reserve Bank of India (… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/rbi-guidelines-for-cyber-security-framework/
-
CVSS 10: Lücke in KI-Framework PyTorch gefährdet Netzwerke – ML-Framework PyTorch ermöglicht Cyberattacken
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-luecke-pytorch-sicherheitstipps-updates-a-b036731dce3c4657d3070df45865f02e/
-
Boardroom Blindspot: How New Frameworks for Cyber Metrics are Reshaping Boardroom Conversations
With new frameworks for cyber metrics and reporting being implemented globally, regulators have effectively elevated risk to the same level of board a… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/07/boardroom-blindspot-how-new-frameworks-for-cyber-metrics-are-reshaping-boardroom-conversations/

