RPI (Madrid): M-006991/2017. ISBN: 978-84-697-7205-8. Alejandro Corletti Estrada (acorletti@DarFe.es – acorletti@hotmail.com), www.darFe.es. “The Third World War will be a cyber war” (John McAfee). Prologue: One of the main needs we have...
Category: CISO2CISO Cyber Security Advisors
Attack Surface Management by Claudio Benavente Cyber Security Advisor
Much has been said about how to be more predictive and manage cybersecurity risks more comprehensively. With the ever-growing adoption of...
Good practices for security of IoT by ENISA
This ENISA study introduces good practices for IoT security, with a particular focus on software development guidelines for secure IoT products and services throughout their lifetime. Establishing secure...
CISO2CISO notepad series – newly released: MITRE ATT&CK v10
Introducing ATT&CK v10: More Objects, Parity, and Features By Amy L. Robertson (MITRE), Alexia Crumpton (MITRE), and Chris Ante (MITRE) As announced a couple of weeks ago, we’re back with the latest release and...
Cybersecurity CISOs priorities in 2021: focus and return to the basics
ASSET MANAGEMENT, PASSWORD MANAGEMENT, CYBER HYGIENE, CONFIGURATION, VULNERABILITY MANAGEMENT, PATCHING, THREAT DETECTION AND PREVENTION, USER EDUCATION, REPORTING, DOCUMENTATION, AND SO ON Cybersecurity Priorities in 2021: How...
NCSC – Board toolkit: five questions for your board’s agenda
A range of questions that the NCSC believe will help generate constructive cyber security discussions between board members and their CISOs. CISOs and technical teams are...
The 26 best cybersecurity books every CISO should read before they die by Marcos Jaimovich
This list is just a part of the list of interesting books found in the global market, if anyone wants to contribute others that are not...
threatpost – Lazarus Targets Job-Seeking Engineers with Malicious Documents
Notorious North Korean APT impersonates Airbus, General Motors and Rheinmetall to lure potential victims into downloading malware. The notorious Lazarus advanced persistent threat (APT) group has been identified...
The Register – EA Games looted by intruders: Publisher says ‘no player data accessed’ after reported theft of FIFA 21, Frostbite source
‘Surprise stealing mechanics’ made short work of network perimeter security. Gareth Corfield, Fri 11 Jun 2021 // 12:25 UTC. EA Games, publisher of Battlefield, The Sims and FIFA, has admitted to a “recent incident of intrusion into...
The Hacker News – 7-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access
A seven-year-old privilege escalation vulnerability discovered in the polkit system service could be exploited by a...
The Hacker News – Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users
Multiple critical security flaws have been disclosed in Samsung’s pre-installed Android apps, which, if successfully exploited,...
threatpost – ‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts
The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S....