April 12, 2020
Social engineering is one of the hardest forms of attack to defend against because hardware and software alone can’t stop it. How do we mitigate these attacks?
Alerts are generated when something suspicious is seen by one of the network monitoring devices. Network Security Tools: IDS (Intrusion Detection System), IPS (Intrusion Prevention System), DLP (Data Loss Prevention), SIEM (Security Incident and Event Management), NBAD (Network Behavior Anomaly Detection). Playbook Mitigation: https://cert.societegenerale.com/resources/files/IRM-5-Malicious-Network-Behaviour.pdf References
Insider threats are growing and are very complex to handle, as they need to be worked out very closely with a lot of stakeholders, including the human resources department.
Companies need to respond to a data breach in such a way that it’s crystal clear to all concerned. Let’s explore state-of-the-art remediation practices.
Brute-force and dictionary attacks against remote services such as SSH are one of the Top-20 most common forms of attack on the Internet that compromise servers. In particular, Unix-based and Mac OS X servers that run an SSH service to allow administrators secure remote connections are at risk. Playbook Mitigation: Disable root access – It is a good security practice to disable logins via SSH […]
Hacked and vandalized government websites are a very commonly observed threat. Defacement can happen to any website. What are the best practices to remediate when under attack?
If short on time, jump directly to the playbooks section. Summary: Any attempt to compromise a system and/or steal information by tricking a user into responding to a malicious message. The most common phishing attacks involve emails armed with malware hidden in attachments or links to infected websites, although phishing can be conducted via other methods such as voicemail, text messages, and social media, too. […]