Cortex XSOAR Tips & Tricks – Dealing with dates

This entry is part 13 of 10 in the series Cortex XSOAR Tips & Tricks

Introduction As an automation platform, Cortex XSOAR fetches data that represents events set at defined moments in time. That metadata is stored within Incidents, will be queried from various systems, and may undergo conversions as it is moves from machines to humans. With its various integrations, Cortex XSOAR ingests datetimes from sources that use different … Continue reading Cortex XSOAR Tips & Tricks – Dealing with dates

Malware-based attacks on ATMs – A summary

ATM

Introduction Today we will take a first look at malware-based attacks on ATMs in general, while future articles will go into more detail on the individual subtopics. ATMs have been robbed by criminal gangs around the world for decades. A successful approach since ~ 20 years is the use of highly flammable gas, which is … Continue reading Malware-based attacks on ATMs – A summary

DeTT&CT: Automate your detection coverage with dettectinator

Introduction Last year, I published an article on mapping detection to the MITRE ATT&CK framework using DeTT&CT. In the article, we introduced DeTT&CT and explored its features and usage. If you missed it, you can find the article here. Although, after writing that article, I encountered some challenges. For instance, I considered using DeTT&CT in … Continue reading DeTT&CT: Automate your detection coverage with dettectinator

The Beauty of Being a Cybersecurity Project Manager for NVISO NITRO MDR

All Project Managers might agree with this: working as a Project Manager is exciting as no two days are ever the same. Just like a conductor of an orchestra leads all musicians to bring harmonic masterpieces to life, so does the cybersecurity Project Manager leading and coordinating the different stakeholders to bring a project to … Continue reading The Beauty of Being a Cybersecurity Project Manager for NVISO NITRO MDR

The Key Role of the Service Delivery Manager at NVISO’s Managed Detect & Respond Service

The Service Delivery Manager (SDM) plays a key role in the delivery of our NVISO cybersecurity NITRO Managed Detect & Respond (MDR) services. As the main point of contact, we represent the client at NVISO and represent NVISO at the client. During the operational lifecycle of a contract, my fellow SDMs and I are responsible … Continue reading The Key Role of the Service Delivery Manager at NVISO’s Managed Detect & Respond Service

Lower email spoofing incidents (and make your marketing team happy) with BIMI

Introduction Over the last couple of years, we saw the amount of phishing attacks skyrocket. According to F5, a multi-cloud security and application provider, there was a 220% increase of incidents during the height of the global pandemic compared to the yearly average. It’s expected that every year there will be an additional increase of … Continue reading Lower email spoofing incidents (and make your marketing team happy) with BIMI

Can we block the addition of local Microsoft Defender Antivirus exclusions?

Introduction A few weeks ago, I got a question from a client to check how they could prevent administrators, including local administrators on their device, to add exclusions in Microsoft Defender Antivirus. I first thought it was going to be pretty easy by pushing some settings via Microsoft Endpoint Manager. However, after doing some research … Continue reading Can we block the addition of local Microsoft Defender Antivirus exclusions?

NVISO EXCELS IN MITRE ATT&CK® MANAGED SERVICES EVALUATION

As one of the only EU-based Cyber Security companies, NVISO successfully participated in a first-of-its-kind, MITRE-led, evaluation of Managed Security Services (MSS). The inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Security Services ran in June 2022 and its results have been published today. NVISO performed excellently in the evaluation, demonstrating services that are at or … Continue reading NVISO EXCELS IN MITRE ATT&CK® MANAGED SERVICES EVALUATION

The dangers of trust policies in AWS

AWS role structure

Introduction Everyone that has used Amazon Web Services (AWS) knows that the cloud environment has a unique way of granting access to users and resources. This is done by allowing users and/or resources to temporarily assume roles. These kinds of actions are possible because of trust policies that are assigned to those roles. A trust … Continue reading The dangers of trust policies in AWS