Marius G.’s Post

The best representation of how data loss is happening at a physical level.

Just finished the course “Advanced SOC 2 Auditing: Proven Strategies for Auditing the Security, Availability and Confidentiality TSCs”! #soc2 #securityaudits

Let's briefly review the most common web vulnerabilities listed in the OWASP Top 10. 📝 Let's get into it!👇 1. SQL Injection. 🖊 An injection vulnerability is when an attacker sends malicious data as part of a command or query to an interpreter to top the list for the third time in a row. The most common cause of injection vulnerabilities is an application's failure to filter, validate, or sanitise user input. 2. Query Parameterisation. 🔢 Using parameterised queries is the best and cleanest way to mitigate SQL injection attacks. Parameterised queries are queries whereby only the parameters are supplied at execution, heavily reducing the ability of a determined attacker to alter or 'break' the query itself. 3. Exposed Sensitive Data. 👀 As its name suggests, this vulnerability arises when a web application does not adequately protect sensitive data or personally identifiable information. Examples of this type of information include dates of birth, phone numbers, postal addresses, email addresses, and banking information. 4. External Entities in XML (XXE). 🐱👤 XML External Entity assaults, which go by the annoying term XXE instead of XEE (although that's not important at all), can take advantage of improperly configured XML processors to access internal files, file sharing, and even be used for DoS and remote code execution attacks. 5. Broken Access Control. 🧨 Broken Access Control, not to be confused with the similarly named broken authentication, results from misconfigured permissions that allow attackers to access or alter data, files, or accounts that they should not to have. These controls may inadvertently be adjusted incorrectly. 6. Incorrect Security Configuration. 💥 It includes HTTP headers that are incorrectly configured, inadequate configurations, insecure default settings, or exposed error messages that direct attackers in their hunt for weaknesses. 7. XSS, or cross-site scripting. 🕳 In short, an attacker can execute JavaScript in the victim's browser thanks to Cross-Site Scripting. This can change a web page's content, send users to a malicious website, or hijack user sessions (by obtaining cookies, session IDs, and other data). 8. Unsafe Deserialisation. 🛑 Serialisation converts an object into a format that can be transferred over a network, streamed, or stored on a disk as a file. Deserialisation turns serialised data into an object from a file, stream, or network connection. 9. Making Use of Components with Known Flaws. 🔬 It refers to the situation where a web application actively uses components that contain vulnerabilities that have been made public. 10. Inadequate Monitoring & Logging. ✔ This one is likewise straightforward. Any thriving SOC heavily depends on logging and monitoring to assess the network's condition and spot potential threats. If you feel this content is worth sharing, show your appreciation with a: 👍 Like 💬 Comment 🔁 Repost

Cybersecurity experts have raised alarm about the ongoing threat posed by persistent phishing campaigns. 📑 These campaigns leverage HTTP header refresh entries to orchestrate elaborate schemes involving counterfeit email login pages. The aim is to dupe unsuspecting users into divulging their credentials. 💫 The devious nature of these attacks lies in the fact that the malicious links prompt the web browser to instantly refresh or reload a specific web page without any input from the user. This clever tactic adds authenticity to the counterfeit pages, putting individuals at risk of falling victim to these sophisticated phishing attempts. 👩💻 Malicious links are designed to automatically refresh the web page without requiring any action from the user. 🐱👤 Word of advice: 👇 Always check for HTTPS and the little 🔐on the left side of the search bar and be disengage JavaScript on your browser settings. 🕵️♀️ If you feel this content is worth sharing, show your appreciation with a: 👍 Like 💬 Comment 🔁 Repost

One of the primary and persistent threats to cloud-based SaaS environments is vulnerability to account takeover attacks. Despite substantial investments in traditional security measures, many businesses need help effectively countering these risks. 💼 The SaaS death chain leverages the essential elements present in the browser. Regarding account takeover, these consist of: a) Executed Web Pages: -> To gather and obtain credentials, attackers can construct phishing login pages or employ MiTM on genuine websites. 👓 b) Browser extensions: -> Sensitive data can be accessed and exfiltrated by malicious extensions. 👓 Attackers attempt to gain control of the browser or steal its saved credentials to access SaaS programs. This method of attack underscores the importance of securing saved credentials. Once the attacker has obtained the user's credentials, they can access the apps and operate without any restrictions and renders typical security measures ineffective in prevention. 😨 𝟭. 𝗣𝗵𝗶𝘀𝗵𝗶𝗻𝗴. 🔗 Phishing attempts exploit how a browser renders a webpage. These fall into two categories as malicious login pages and legal ones that are intercepted to obtain session tokens. SSE solutions and firewalls cannot thwart these assaults because malicious web page components are invisible in network traffic. Consequently, the phishing components breach the user's endpoint and perimeter. The solution: 👇 A browser security platform monitors how web pages are run and examines each component to identify phishing attempts, such as credential entry fields and MiTM redirection. Then, the page disables these elements. 𝟮. 𝗠𝗮𝗹𝗶𝗰𝗶𝗼𝘂𝘀 𝗕𝗿𝗼𝘄𝘀𝗲𝗿 𝗘𝘅𝘁𝗲𝗻𝘀𝗶𝗼𝗻𝘀. 📑 By leveraging the elevated privileges granted by users, malicious extensions hijack saved credentials and take control of the browser's operations and data. The breach in security is severe because EDRs and EPPs frequently place implicit faith in browser operations, extensions become a security vulnerability. The solution is to use a browser security platform that makes all extensions visible, analyses their risks, and automatically removes harmful ones. 𝟯. 𝗣𝗲𝗿𝗳𝗼𝗿𝗺 𝗔𝗰𝗰𝗲𝘀𝘀 𝗮𝗻𝗱 𝗔𝘂𝘁𝗵𝗲𝗻𝘁𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝘄𝗶𝘁𝗵 𝗮 𝗟𝗼𝗴𝗶𝗻 𝗣𝗮𝗴𝗲. 👀 The attacker can access the targeted SaaS program once they have credentials. The breakdown in protection is that MFA solutions aren't frequently embraced and deployed, and IdPs need help to distinguish between malicious and legal users. The solution is to use a browser security platform, which monitors all credentials saved in the browser, connects to the IdP to serve as an extra layer of authentication, and restricts access from the browser itself to prevent anyone from using stolen credentials. 👮♂️ Account takeover attacks highlight the browser's vulnerability, and organisations must modify their security strategy. The browser has emerged as a crucial attack surface for businesses. ✍ #cybersecurity

For anyone who don't know how the Network Protocols are functioning. 👇

The Open Web Security Project (OWASP) Foundation has diligently compiled a detailed manual outlining the various security threats within the email industry. 📪 It covers a wide range of potential risks and provides valuable insights into safeguarding email communications. 🛡 It is highly recommended that you review this manual, as it is vital for enhancing your cybersecurity practices and protecting your sensitive information. 👀 If you feel this content is worth sharing, show your appreciation with a: 👍 Like 💬 Comment 🔁 Repost #cybersecurity #OWASP #webapplicationfirewall #privacy #safety

Maintaining online security and being vigilant about not clicking on any links in emails from unknown sources is crucial. This practice helps to prevent potential phishing attacks and malware infiltration. 👮♂️ This proactive approach can help avoid undeliverable messages and ensure that your communication channels remain reliable. 🕵️♀️ It's advisable to regularly review and verify the email addresses in your contact list to ensure that they are accurate and functional. 👀 https://lnkd.in/eJ5vtdMT

As there is a Windows outage in the sense of Blue Screen of Death, the fix is below. The outage is affecting US-1, US-2, EU 1, and APAC. Be careful out there and if you have BSOD, do as in the screenshot. 👇 Share it far and wide.