The Cyber Security Incident DataBase (CSIDB.net)

It's that time of year where we get the opportunity to look back on 2024.
The year 2024 presented a dynamic landscape of cyber threats and responses. With an increasing reliance on digital systems across industries, the challenges of securing sensitive data and critical infrastructure became more pronounced. Below, we break down the trends based on data from this year's incidents.

Visit here for more insights:
https://bit.ly/4h8WVIW

#osint #cybersecurity #cti #infosec

Over the past few months, I’ve been working on enhancing CSIDB (csidb.net) to deliver a more intuitive, insightful, and future-proofed threat intelligence experience. My recent updates are all about streamlining workflows, improving clarity, and aligning more closely with industry standards for cyber threat intelligence. Below, with the assistance of some of ChatGPT's fluffy and flowery language, I’ll walk you through the key improvements:

https://www.csidb.net/blog/post/28/

#osint #cti #cybersecurity

As the complexity of digital infrastructures grows, businesses are increasingly turning towards modular and scalable cybersecurity solutions to meet their evolving needs. Two pivotal frameworks driving this shift are the Cybersecurity Mesh Architecture (CSMA) and Platformization. These approaches are transforming how organisations protect their assets and manage their security tools, fostering agility, collaboration, and increased efficiency.

https://www.csidb.net/blog/post/27/

#osint

Cybersecurity Mesh Architecture and the Move to Platformization - The Cyber Security Incident Database (CSIDB)

Cyber Security Incident Database. Open Source Threat Intelligence for Cyber Security Professionals.

A recent exploration into API Security in 2024.

#apisecurity #cybersecurity

Understanding Cloud-Native Application Protection Platforms (CNAPP) - The Cyber Security Incident Database (CSIDB)

NIST finally releases v2.0 of their CSF (Cyber Security Framework). It's the first major update in a decade:
https://www.csidb.net/blog/post/7/

#cyberresilience #cybersecurity

NIST Cybersecurity Framework 2.0: A New Era for Cyber Resilience - The Cyber Security Incident Database (CSIDB)

I heard a comment on a podcast recently that stated that "The West" must be far ahead of our adversaries in cyber capabilities due to the volume of attacks publicly attributed to their nation-state perpetrators. The rationale was that the lack of attributions heading in the reverse direction must mean that, where the attacks are likely happening, they're either not being caught or, if they are, the adversary doesn't have the capability to identify the actor.

Is that the case or do the adversaries have different strategic goals?

We may never know. Read more:
https://www.csidb.net/blog/post/6/

#cybersecurity #threatintelligence

Navigating the Complex Landscape of Cyber Attack Attribution - The Cyber Security Incident Database (CSIDB)

Did you know Docker bypasses your host firewall by default?
I certainly didn't until this week. Thankfully, my UFW host firewall is my last line of defence and any potential exposure was dealt with by my upstream CDN provider and cloud perimeter firewalls. If ever there was an advert for defence-in-depth, this is it.

https://www.csidb.net/blog/post/5/

#cybersecurity #docker #defenseindepth

Docker bypasses UFW Firewall by Default - The Cyber Security Incident Database (CSIDB)

Spent some time researching Lockheed Martin's Cyber Kill Chain.

Realized that it's not been updated for over a decade. I think we can all agree: things have moved on in cyber since 2011. Check out this:
https://www.csidb.net/blog/post/4/

#cybersecurity #cyberdefence #threatintelligence

Outdated Tactics: Decoding the Evolution from Cyber Kill Chain to Unified Kill Chain - The Cyber Security Incident Database (CSIDB)

Web security remains a paramount concern for website owners. Among the various tactics that pose threats, URL Masking stands out due to its deceptive simplicity and potential for misuse.

URL Masking, also known as Domain Masking, is a technique where the content of one website is displayed under the domain name of another. This is achieved by hiding the original website's URL in the browser’s address bar. While it can be used for legitimate purposes like branding, its misuse can lead to significant security challenges. Read more, link below.
https://www.csidb.net/blog/post/3/
#cybersecurity #websecurity

Navigating the Complexities of URL Masking (Domain Masking) in Web Security - The Cyber Security Incident Database (CSIDB)
