Ciatrine Security

23/02/2023

Are you aware of the differences between Cybersecurity, IT Security, and Information Security? These terms are often used interchangeably, but they actually refer to distinct areas of expertise.
According to the National Institute of Standards and Technology (NIST), information security and cybersecurity are separate career fields.

Cybersecurity is all about safeguarding your enterprise's sensitive and critical data from cybercriminals. These malicious attacks may take place over the internet or even in person.

IT Security, on the other hand, focuses on securing your company's data via host and network security. This concept is closely related to Information Assurance, which is based on the principles of Confidentiality, Integrity, and Availability., commonly known as the CIA triad.

In today's interconnected world, everyone wants their personal information to be secure and accessible only to authorized individuals. This is where Information Security (InfoSec) comes in. NIST defines InfoSec as the protection of information and information systems against unauthorized use. The goal of this field is to provide availability, integrity, and confidentiality.

Information security teams create and implement policies and systems to protect information, especially for large organizations that must safeguard customer data.

Don't fall into the trap of thinking that your company is too small or insignificant to be a target for cyberattacks. The potential threats to your enterprise are real and pervasive. It's crucial to prioritize cybersecurity measures and stay ahead of the game.

20/12/2022

Microsoft has revoked several Microsoft hardware developer accounts after drivers signed through their profiles were used in cyberattacks, including ransomware incidents.

14/12/2022

Apple urgently releases security patches for its line of products vulnerable to a zero day present in the Webkit browser engine that could be leveraged to perform arbitrary code ex*****on.
https://thehackernews.com/2022/12/new-actively-exploited-zero-day.html

Zero-day vulnerability alert! Apple has released security updates to prevent malicious code ex*****on on your devices.

08/11/2022

https://www.bleepingcomputer.com/news/security/british-govt-is-scanning-all-internet-devices-hosted-in-uk

The United Kingdom's National Cyber Security Centre (NCSC), the government agency that leads the country's cyber security mission, is now scanning all Internet-exposed devices hosted in the UK for vulnerabilities.

05/11/2022

Way easier, right? 😃

01/11/2022

https://nakedsecurity.sophos.com/2022/10/28/updates-to-apples-zero-day-update-story-iphone-and-ipad-users-read-this

Turns out that Tuesday’s zero-day for iOS 16 is Friday’s zero-day for iOS 15…

31/10/2022

https://www.bleepingcomputer.com/news/security/new-azov-data-wiper-tries-to-frame-researchers-and-bleepingcomputer/

A new and destructive 'Azov Ransomware' data wiper is being heavily distributed through pirated software, key generators, and adware bundles, trying to frame well-known security researchers by claiming they are behind the attack.

12/07/2022

Short introduction to OSINT and how it can be leveraged to conduct warfare

09/05/2022

Just download and install Java 😂😂😂

19/04/2022

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub revealed today that an attacker is using stolen OAuth user tokens (issued to Heroku and Travis-CI) to download data from private repositories.

18/04/2022

GitHub announced that hackers could gain access tokens through a cloud service and a CI service, allowing access to the private locks of dozens...

15/04/2022

Google has released Chrome 100.0.4896.127 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability actively used by threat actors in attacks.