NIST SPECIAL PUBLICATION 1800-28. CHALLENGE: An organization must protect its information from unauthorized access and disclosure. Data breaches large and small can have far-reaching operational, financial,...
Author: Lucas Coletta
The NIST Cybersecurity Framework (CSF) 2.0
The NIST Cybersecurity Framework (CSF) 2.0 provides guidance to industry, government agencies, and organizations of all sizes and sectors to manage cybersecurity risks effectively. It offers...
Nmap for Pentester – PORT STATE
The document discusses the different states of ports that Nmap recognizes during network scanning, including Open, Closed, Filtered, Unfiltered, Open|Filtered, and Closed|Filtered ports. It provides details...
NIST CSF 2.0: What has changed?
The NIST Cybersecurity Framework (CSF) 2.0 introduces desired outcomes to address cybersecurity risks alongside other business risks. These outcomes are sector-specific, technology-neutral, and can be mapped...
Industrial Control Systems: Engineering Foundations and Cyber-Physical Attack Lifecycle
Advances in computing and networking have added new capabilities to physical systems that could not be feasibly added before. This has led to the emergence of...
X-Force Threat Intelligence Index 2024
The IBM X-Force Threat Intelligence Index 2024 report highlights various cybersecurity trends and threats. It points out the risks associated with web application misconfigurations, such as...
How well do you know your OT assets?
10 Ways Asset Visibility Builds The Foundation For OT Cybersecurity. Asset visibility is crucial for effective operational technology (OT) cybersecurity programs, as organizations cannot protect assets...
Guide to securing personal information
The guide emphasizes the importance of implementing security measures to protect personal information, including physical, ICT, and access security practices. It suggests conducting Privacy Impact Assessments...
Guide to Enterprise Risk Management
FREQUENTLY ASKED QUESTIONS. In today’s challenging global economy, business opportunities and risks are constantly changing. There is a need for identifying, assessing, managing and monitoring the...
Guide to Cyber Security Measures
Step by step to a digitally secure organisation. The document outlines essential measures for cyber security, emphasizing the importance of regular risk management alongside these measures....
Malware Analysis Guide
The document discusses the significance of interactive malware analysis using ANY.RUN, a platform that offers a unique approach to analyzing malware samples. It emphasizes the importance...
GUIDELINES – CRYPTOGRAPHIC FUNCTIONS
Password storage. The document provides guidelines on cryptographic functions, emphasizing the importance of considering current threats and the need for specific adaptations due to varying...
GLOBAL THREAT REPORT
The CrowdStrike 2024 Global Threat Report highlights a significant increase in interactive intrusions in 2023, particularly targeting technology sectors. These intrusions saw a 60% rise, indicating...
Global Cybersecurity Trends
The January 2024 Cybersecurity Analysis provides a comprehensive view of the evolving threat landscape. The Threat Analytics section outlines a significant global surge in breaches, with...
Risk Management
The Risk Management Guide provides a comprehensive approach for entrepreneurs to handle risks effectively. It emphasizes the importance of qualitative and quantitative risk estimation methods, recommending...
Ethical Hacking TRAINING
The document provides a comprehensive overview of a training program on Ethical Hacking, focusing on various modules and tools essential for cybersecurity professionals. It covers topics...
How to bypass Firewall
This document delves into various aspects of cybersecurity, focusing on techniques to bypass firewalls and evade detection. It covers methods such as obfuscation to bypass regular...
FINTECH, REGTECH AND THE ROLE OF COMPLIANCE 2021
The document discusses the collaboration with fintechs as a crucial aspect for financial institutions to accelerate digital transformation. It highlights the impact of Regtech on compliance...
Network Security Groups
The document provides detailed guidance on managing Network Security Groups (NSGs) in Azure for effective network traffic control. It covers creating new NSGs in the Azure...
UNDERSTANDING CBDCS
A guidebook for regulators and policymakers. This paper aims to provide an overview of the policy and regulatory considerations for central banks to build and issue...
NETWORK PENETRATION TESTING
The Network Penetration Testing course covers a comprehensive range of topics to enhance the security skills of IT professionals. It includes both basic and advanced concepts...
Elevating RCE to the Apex with Netbox
A Dive into Built-in Features Exploits for Network Automation Solution (CVE-2024-23780). The document discusses the critical vulnerability CVE-2024-23780 identified in NetBox, an open-source web application used...
MODELING TOMORROW’S CYBERSECURITY ORGANIZATION
The document discusses the evolving role of Chief Information Security Officers (CISOs) in response to rapid technological advancements and changing regulatory landscapes. It emphasizes the need...
Reporting Cyber Risk to Boards
This document provides methods and inspiration for Chief Information Security Officers (CISOs) to design and implement quantitative cybersecurity metrics to report cyber risk at Board level...
Microsoft Office and Windows HTML Remote Code Execution
CVE-2023-36884. The document highlights the detection of a malicious file that infiltrated the system through an email, emphasizing the importance of investigating the origins of the...
Metaverse Identity: Defining the Self in a Blended Reality
The document delves into the concept of identity within the metaverse, emphasizing its role in reshaping digital interactions and personal expression. It explores how digital identity...
Metasploit Framework
Inject Payload into Executable. This document outlines the setup requirements for a lab environment, focusing on the use of Kali Linux as the Pentester Machine and...
Malware Analysis Report LOCKBIT 3.0 Ransomware
The document provides a comprehensive analysis of the LOCKBIT 3.0 ransomware conducted by Yusuf Amr. It begins with an Executive Summary highlighting the threat posed by...
LLM AI Cybersecurity & Governance Checklist
The document outlines the OWASP Top 10 for LLM Applications Cybersecurity and Governance Checklist, aimed at leaders in various fields to protect against risks associated with...