- Page 2 of 4 - Get and contribute to Incident Response playbooks !!

August 26, 2020

Defending the Online Education Sector

Other names for the sector – E-learning, online learning, Edtech With a major shift to virtual classrooms, the Edtech startup companies pose a significant target for cyber criminals. As more students get connected to the Internet the threat has never been greater. Cyber attacks continue to plague the education sector, and they’re only intensifying. The consequences can be devastating and long lasting. Hackers are probably […]

General

August 19, 2020

Online education platform threats and mitigations

The rapid shift to online learning brought about by the pandemic is all but guaranteed to increase the threats they are facing and incidents they will experience. Typical users of online learning platforms – students, lecturers or teachers. Typical types Online training with content. Online training by trainers Large educational institutes – Going online. A platform for educators and learners with educators creating educational videos […]

General

July 1, 2020

Incident Response – Training, Blue team exercise and Muscle Memory.

First.org recommends this: Take a scenario that affected another organization and perform a table-top walk through of how your organization would deal with that same incident. At the very least you’ll identify gaps you still have to address. Exercises should be regular and involve a range of participants. It’s important that the senior members of an organization (right up to senior executive management) as well […]

General

June 30, 2020

SoC SIEM Use Cases

The use cases are critical to identifying any of the early, middle, and end-stage operations of the adversary. A small abnormal event can be a clue to a larger attack. There also needs to be a Playbook on how to respond. What are Use Cases Best Practises Why it is important to have a large set of Use Cases and have playbooks for them? FlexibleIR […]

Incident Response

June 29, 2020

Cyber Incident breach communication templates

Be prepared with communication templates – There is no time when handling an incident.

SCADA

May 16, 2020

ICS : Infiltration of Malware via Removable Media and External Hardware

Common Malware scenarios – Infected USB flash drives, Notebook computers used for maintenance, Project files or executable applications containing malicious code. What are the best practices to handle these incidents?

SCADA

May 16, 2020

ICS SCADA Use cases

Attacks related to Industrial Control Systems are complex. There is an urgent need to share information, get support for incident analysis and mitigation, and coordinate messaging for incidents that require communication with customers and the public.

Web

May 13, 2020

Playbook for wordpress related attacks

Please take a backup and upgrade to 5.4.2 having few security issues fixed. See the release notes. How do we contain wordpress attacks?

Remote

May 10, 2020

Playbook for RDP scanning

Remote Desktop Protocol (RDP) provides a user with a graphical interface to connect to another computer over a network connection. The user employs RDP client software for this purpose, while the other computer must run RDP server software. Microsoft RDP includes the following features and capabilities: Encryption, Bandwidth reduction features, Roaming disconnect, Clipboard mapping, Print redirection, Virtual channels, Remote control, Network load balancing. Technical Details […]

Cloud General

May 8, 2020

Playbook for attack on Salt servers

Nov3, 2020 – New vulnerabilities revealed. The fixed versions include 3002.1, 3001.3, and 3000.5 depending on what branch of Salt you are using. The company has also made patches available for older versions, such as 2019.x. https://www.bleepingcomputer.com/news/security/saltstack-reveals-new-critical-vulnerabilities-patch-now/ Older vulnerabilities – The hackers use CVE-2020-11651 (an authentication bypass) and CVE-2020-11652 (a directory traversal) to take control over Salt master server Mitigations Below are for older bug fixes related […]

Tags