Aggregator

SDL 75/100问:前期的安全设计与测试是否解决不同层面问题?

我的安全视界观
5 months 3 weeks ago
这个问题非常好,说明提出问题的人对SDL有一定理论研究,但缺少实践,也问出了一个痛点。从严谨的角度来说,在设计阶段提出的安全设计,需要验证是否业务团队是否都落实?通常在设计阶段会评审和检查设计方案,在编码阶段也会去进一步实现,不过得等到测试阶段来验证效果,由此可以看出安全测试的一个主要目的是:验证安全设计是否实施。 安全测试的内容又不止安全设计,完整的来讲还要包括:安全需求、部署环境时配置不当引入的安全问题等。但是在实际落地过程中,由于资源、人员等因素,会导致少有公司能够完全按照安全设计去写测试用例,然后一项项的进行测试。同时为了保证安全性,通常会引入各类AST工具及人工渗透等方式,在上线前尽可能多的发现问题。 所以,可以认为安全测试解决的问题范围理论上包含了安全设计,但实际可能会出现遗漏。 1、SDL 100问 SDL100问:我与SDL的故事 SAST误报太高,如何解决? SDL需要哪些人参与? SDL如何做成平台化以及价值? 安全SDK提供安全API是怎么做的? 安全测试,测不出逻辑漏洞怎么办? 大家都有哪些SDL运营指标? 业务系统是否可以带漏洞上线? 按千行代码漏洞数进行量化,如何制定指标? 如何定位安全与业务的关系? 如何定位安全培训? SDL 74/100问:有没有SDL相关的监管要求? 2、SDL创新实践 首发!“ 研发安全运营 ” 架构研究与实践 DevSecOps实施关键:研发安全团队 DevSecOps实施关键:研发安全流程 DevSecOps实施关键:研发安全规范 DevSecOps实施关键:研发安全工具 从安全视角,看研发安全 数字化转型下研发安全痛点 一个思考:安全测试驱动产品安全? 3、SDL最初实践 【SDL最初实践】开篇 【SDL最初实践】安全培训 【SDL最初实践】安全需求 【SDL最初实践】安全设计 【SDL最初实践】安全开发 【SDL最初实践】安全测试 【SDL最初实践】安全审核 【SDL最初实践】安全响应 4、安全运营实践 基于实践的安全事件简述 安全事件运营SOP:钓鱼邮件 安全事件运营SOP:网络攻击 安全事件运营SOP:蜜罐告警 安全事件运营SOP:webshell事件 安全事件运营SOP:接收漏洞事件 应急能力提升:实战应急困境与突破 应急能力提升:挖矿权限维持攻击模拟

Threat Casting a Nation State Attack on Critical Infrastructure Scenario at CognectCon2025

Security Boulevard
5 months 3 weeks ago

During exercises at CognectCon2025 a number of cyberattack scenarios were discussed that highlighted the risks of cyber attackers leveraging cognitive vulnerabilities to cause major impacts to nation critical infrastructures.

This video is a short report-out on one such possible scenario, before we began discussing how to prevent, detect, and respond to such an event. In hindsight, the scenario seems pretty timely and relevant.

The premise of this scenario was if Iran found itself outmatched militarily by Israel and the US, how it could conduct a strategic cyberattack against its enemies by leveraging useful idiots to launch a distributed attacks with a self-replicating destructive worm against all 16 US Critical Infrastructure sectors.

The aggressor would launch a disinformation and influence campaign targeting westerners who want the violence in the middle east to stop and believe that a social ‘Like’ viral campaign will make that happen. Instead, they become unknowing distribution points for a malicious worm that attacks the very infrastructure they rely upon.

Such conferences are vitally important. Communication and collaboration among cybersecurity professionals, such as these exercises, fuel creativity and innovation needed to predict and prepare against future cyber-attacks. Understanding how cognitive vulnerabilities are both a weakness and an opportunity in cybersecurity is the next significant area for our industry.

For more cybersecurity insights, follow me:

The post Threat Casting a Nation State Attack on Critical Infrastructure Scenario at CognectCon2025 appeared first on Security Boulevard.

Matthew Rosenquist

Qilin ransomware gang now offers a “Call Lawyer” feature to pressure victims

Security Affairs
5 months 3 weeks ago
Qilin ransomware gang now offers a “Call Lawyer” feature to help affiliates pressure victims into paying, per Cybereason. The Qilin ransomware group is now offering legal support to its affiliates through a “Call Lawyer” feature to pressure victims into paying. This move, reported by cybersecurity firm Cybereason, shows Qilin stepping up its operations and trying […]
Pierluigi Paganini

Feel Reassured with Advanced Secrets Scanning Technologies

Security Boulevard
5 months 3 weeks ago

Are You Ready for the Future of Cybersecurity? Cybersecurity is not just about human identities anymore. A rising segment of digital focuses on non-human identities (NHIs) – a crucial feature in any contemporary cybersecurity strategy. But what are NHIs, and why should we be paying attention to them? Navigating the Landscape of Non-Human Identities A […]

The post Feel Reassured with Advanced Secrets Scanning Technologies appeared first on Entro.

The post Feel Reassured with Advanced Secrets Scanning Technologies appeared first on Security Boulevard.

Alison Mack

CVE-2009-1499 | Joomla CMS MailTo index.php article sql injection (EDB-8366 / ID 12731)

Vuldb Updates
5 months 3 weeks ago
A vulnerability classified as critical was found in Joomla CMS. Affected by this vulnerability is an unknown functionality of the file index.php of the component MailTo. The manipulation of the argument article leads to sql injection. This vulnerability is known as CVE-2009-1499. The attack can be launched remotely. Furthermore, there is an exploit available. The real existence of this vulnerability is still doubted at the moment.
vuldb.com

CVE-2024-55564 | POSIX::2008 Package up to 0.23 on Perl _execve50c buffer overflow (EUVD-2024-52811)

Vuldb Updates
5 months 3 weeks ago
A vulnerability was found in POSIX::2008 Package up to 0.23 on Perl. It has been classified as critical. This affects the function _execve50c. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-55564. The attack can only be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-55573 | Centreon Web up to 23.04.23/23.10.18/24.04.8/24.10.2 Virtual Metrics sql injection (EUVD-2024-52813)

Vuldb Updates
5 months 3 weeks ago
A vulnerability was found in Centreon Web up to 23.04.23/23.10.18/24.04.8/24.10.2. It has been classified as critical. This affects an unknown part of the component Virtual Metrics. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2024-55573. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-55560 | MailCleaner Installation key management (EUVD-2024-52809)

Vuldb Updates
5 months 3 weeks ago
A vulnerability was found in MailCleaner and classified as problematic. Affected by this issue is some unknown functionality of the component Installation Handler. The manipulation of the argument ssh_host_dsa_key/ssh_host_rsa_key/ssh_host_ed25519_key leads to key management error. This vulnerability is handled as CVE-2024-55560. The attack needs to be approached within the local network. There is no exploit available. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2006-0645 | Free Software Foundation Inc. libtasn1 up to 0.2.17 memory corruption (Nessus ID 20934 / ID 115329)

Vuldb Updates
5 months 3 weeks ago
A vulnerability classified as critical was found in Free Software Foundation Inc. libtasn1. This vulnerability affects unknown code of the component libtasn1. The manipulation leads to memory corruption. This vulnerability was named CVE-2006-0645. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2006-0705 | F-Secure SSH Server up to 6.0.0.9 SFTP Server logging format string (VU#419241 / Nessus ID 20902)

Vuldb Updates
5 months 3 weeks ago
A vulnerability was found in F-Secure SSH Server up to 6.0.0.9 and classified as critical. This issue affects the function logging of the component SFTP Server. The manipulation leads to format string. The identification of this vulnerability is CVE-2006-0705. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

Play

Dark Feed IO
5 months 3 weeks ago

You must login to view this content

cohenido

Managed ad