Newsletter

by mathildeexlm mathildeexlm No Comments

MITRE ATT&CK: Yet another new framework to learn about

In the hope of preventing a breach, companies deploy various detectors: from border security (firewall, proxies, …) to endpoint protection (EDR, antivirus, …). And, potentially, centralize all these events in a SIEM to correlate and implement Use Cases.

So many solutions and vendors, but yet some questions remain: how well (or not) is your detection against the most common attack vectors for your business sector? Are you able to detect attackers’ activity once they breached your infrastructure? Do you have overlapping sensors?

This article presents a framework, Mitre Att&ck (Adversarial Tactics Techniques & Common Knowledge), which becomes more and more popular and attempts to address the above questions. We will first, remind the existing methods and detail how Mitre Att&ck contributes to improving the understanding of an attack. We will then describe the various objectives achievable with this, as well as the requirements to get the most of it. Lastly, we will consider the interface developed by Mitre to fulfil the objectives efficiently.

Read more

by mathildeexlm mathildeexlm No Comments

Passwords: hash them harder, better, faster, stronger

What have we learned from the latest 30 years of password storage? We went from plaintext passwords in databases to hashed passwords, salted and even peppered passwords. Distributed computing required algorithms to adapt to new types of workload. So, what are the best practices, and what makes a truly resistant password hash against offline cracking?

Let’s review the basics of password hashing and the usage of the different algorithms used by the industry. Read more

by mathildeexlm mathildeexlm No Comments

Newsletter: SWIFT CSP: A change to reinforce the security of the global banking system

Secure the SWIFT Network

In 2016, users of Society for Worldwide Interbank Financial Telecommunication (SWIFT), Bangladesh, Vietnam and Ecuador suffered cyber-attacks and had huge financial losses. Due to the exponential increase of cyber-attacks and frauds against financial institutions, the same year, SWIFT introduced its own Customer Security Programme (CSP). The main goal of this programme is to ensure and improve the security level of each SWIFT customer to bring more confidence in the SWIFT’s network. To follow this aim, SWIFT proposed three guidelines: Secure your environment, Know and Limit Access, Detect and Respond.

Read more

by mathildeexlm mathildeexlm No Comments

Excellium services newsletter : CSSF 20/750 : A new circular for your information security risks’management

On August 25, 2020, the Commission de Surveillance du Secteur Financier (CSSF) introduced and published a new circular (CSSF 20/750). This circular is applicable to all credit institutions, all Professionals of the Financial Sector (PFS), all payment institutions, and all electronic money institutions. The main objective is to implement the guidelines of the European Banking Authority EBA/GL/2019/04 relating to the management of risks linked to information and communication technologies (“ICT”) and security.

Read more

Top