You might be interested in …

[ThreatPost] Ditch the Alert Cannon: Modernizing IDS is a Security Must-Do

All posts, ThreatPost

Jeff Costlow, CISO at ExtraHop, makes the case for implementing next-gen intrusion-detection systems (NG-IDS) and retiring those noisy 90s compliance platforms. Source: Read More (Threatpost)

Read More

[SANS ISC] USPS Phishing Using Telegram to Collect Data, (Tue, Jul 13th)

All posts, Sans-ISC

Phishing… at least they don’t understand security any better than most kids. The latest example is a simple USPS phish. The lure is an email claiming that a package can not be delivered until I care to update my address. Urgency… and obvious action. They learned something in their phishing 101 class. The next thing […]

Read More

[SANS ISC] Mitre CWE – Common Weakness Enumeration, (Mon, Jun 21st)

All posts, Sans-ISC

If you are involved in the security industry¬† you are at least somewhat familiar with the Mitre ATT&CK framework, the very useful, community driven, knowledgebase of attack threat models and methodologies which can be used to emulate adversary behavior to test security controls. However fewer are aware of a lesser¬†known Mitre project, Common Weakness Enumeration […]

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.