TLPT & ME: Everything you need to know about Threat-Led Penetration Testing (TLPT) in a TIBER world.

TLPT and Me

Introduction In our previous post, we published an analysis of current TIBER implementations ahead of DORA's TLPT requirements. To recap, this contained: An overview of existing TIBER implementations (situation mid-2024) A comparison of the respective guidance documents w.r.t. major building blocks, such as the generic threat landscape, purple teaming, leg-ups, scenario X Assurance that consistency … Continue reading TLPT & ME: Everything you need to know about Threat-Led Penetration Testing (TLPT) in a TIBER world.

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality

How AI forces us to expand our thinking about basic cybersecurity concepts: Confidentiality

Introduction In the first part of this mini-series, we explored briefly what kind of impacts AI may have on the CIA Triad and whether we should adjust this fundamental framework. The goal of this and subsequent blogposts is assessing the pillars of the proposed Information Security Hexagon, starting with Confidentiality. Maintaining confidentiality in Artificial Intelligence … Continue reading How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction

How AI forces us to expand our thinking about basic cybersecurity concepts

The traditional CIA Triad (Confidentiality, Integrity, and Availability) has long been a cornerstone of information security, providing a solid framework to protect data and systems. However, the rising presence of AI in our lives introduces new challenges that extend beyond the current scope of the CIA Triad. In this AI mini-series, we will analyse the … Continue reading How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction

Hunting for Remote Management Tools: Detecting RMMs

In our previous blog post about RMM (Remote Management and Monitoring) tools, we highlighted the prevalence of such tooling in nearly every organizationโ€™s environment. In todayโ€™s world, where many organizations support remote work, RMM tools are frequently utilized to help provide assistance to end users and to allow IT administrators to perform their tasks from … Continue reading Hunting for Remote Management Tools: Detecting RMMs

All that JavaScript forโ€ฆ spear phishing?

NVISO employs several hunting rules in multiple Threat Intelligence Platforms and other sources, such as VirusTotal. As you can imagine, there is no lack of APT (Advanced Persistent Threat) campaigns, cybercriminals and their associated malware families and campaigns, phishing, and so on. But now and then, something slightly different and perhaps novel passes by. In … Continue reading All that JavaScript forโ€ฆ spear phishing?

Emergency Accounts: Last Call!

Last call: Update your emergency accounts!

Update your emergency accounts before October 15th. Even if you have been out of office for the last couple of months, you should be aware that starting October 15th you will need to provide Multi Factor Authentication (MFA) to logon to Azure portal, Entra admin center and Intune admin center. This will be enforced to … Continue reading Emergency Accounts: Last Call!