Forum

Get inspired and gain all the knowledge you need

71 Topics

K
khyatiraval
published in ThreatModeling AppSec

Generative AI for Threat Modeling

The increasing volume and complexity of cyberattacks requires organizations of all sizes to secure network architecture proactively. Threat modeling is essential in order to make the shift from reactive to proactive security. The threat modeling process involves identifying objectives and optimizing network security by discovering vulnerabilities and developing mitigations for the threats that may impact a particular system or network. Artificial intelligence can be a useful cybersecurity tool, particularly for detecting patterns and providing rapid insights using technologies like machine learning, deep learning and natural language processing. These capabilities make it especially valuable for under-resourced cyber professionals. How can AI be valuable for threat modeling? AI can help automate the process of manually mapping components (individual elements represented in a threat model) with potential threats and countermeasures to mitigate those threats. This helps cybersecurity pro

610
K
2 days ago
chris.byrne
chris.byrne
published in ThreatModeling Cloud

How to Securely Threat Model in the CloudBlog

What is threat modeling? Threat modeling is a structured approach to identifying and evaluating potential security threats and vulnerabilities in an application or system. It is a process that helps organizations identify potential threats and vulnerabilities early in the development cycle, so that they can be addressed before the system is deployed. The goal of threat modeling is to identify potential security issues and to develop a plan to mitigate those issues before they can be exploited by attackers. What is cloud threat modeling? Cloud threat modeling is a process of identifying and evaluating potential security threats and risks associated with cloud computing environments. It involves systematically analyzing the architecture, design, and components of a cloud system to identify vulnerabilities and potential attack vectors. Its goal is to proactively assess and mitigate risks to ensure the security and protection of cloud-based applications, data, and infrastructure. Cloud thr

141
L
4 days ago
T
thakkar.karan04
posted in Security News

Android apps containing SpinOk module with spyware features installed over 421,000,000 times

This new report shows how Android ecosystem is plagued with malicious apps is very concerning. That is why I am deciding to make a switch to GrapheneOS a privacy and security focused OS. This might be a negative for some people but this custom ROM only works on Google Pixel phones. Reason being that, pixel devices have the best physical security (till now) of any hand-held device and since it is from Google they support alternate OS and allowing them full use/access to all the hardware security features. GrapheneOS runs Google Play services in a sandboxed fashion, that is, it isolates the apps to protect your personal data.  Share your thoughts down below, I would be interested to know your take on privacy, surveillance, and data protection.

0
T
9 days ago
M
Mahdi Fotouhi
published in ThreatModeling Medical Devices

Threat Modeling Medical Devices SafelyBlog

Ever since “smart” medical devices have come out, there have been a great deal of vulnerabilities affecting them. Whether it is due to connection through IoT devices, or to the existence of multiple operating systems communicating with each other, medical devices are inherently insecure. Only recently has the FDA begun requiring medical device manufacturers to threat model their devices as a comprehensive check to see where the vulnerabilities and weaknesses can arise inside the architecture. ThreatModeler was recently at an event held by Health Information Analysis Sharing Center (H-ISAC) and met with dozens of CISOs & CISSPs of various health care companies. It was shocking to learn that the majority of these high-ranking cybersecurity officials did not really understand what threat modeling is! Even though the FDA has made it mandatory for these manufacturers to use threat modeling to increase device security, it is bewildering that most of them have brushed this mandate under t

250
M
17 days ago
Kristen Canady
Kristen Canady
posted in Security News

Dallas cyberattack highlights ransomware’s risks to public safety, health

If you’ve seen the news, you know that latest ransomware attack in Dallas affected government agencies and hospitals. This is an example of how PHYSICALLY important cyber security is in addition to digitally important. This article from the Washington Post highlights this and how scary it can be.https://www.washingtonpost.com/politics/2023/05/08/dallas-cyberattack-highlights-ransomwares-risks-public-safety-health/

0
Kristen Canady
1 month ago
Shaiphali Mishra
Shaiphali Mishra
asked in Water Cooler Talk

Fun Friday: ”Guess the Password" challenge

A man locked his personal computer with a password and wrote some phrases in the hint box. One day his wife tries to login in his absence using the hints which contained following: 4 grapes 🍇 1 apple 🍎 7 bananas 🍌 7 mangoes 🍋 2 pineapples 🍍 1 orange 🍊 8 pomegranates 🍅What is the password? and share your fun logic puzzles 

5
Shaiphali Mishra
1 month ago
A
Anonymous
posted in Water Cooler Talk

Pet Photos

Post photos of your cute pets here!  Bonus points for anything exotic.  I’m boring though, and just have dogs.  My wife wants a teacup pig but I keep telling her that there’s no such thing and they all grow to 200lbs.  And I use the excuse that our HOA won’t allow livestock :)Here’s our two goofballs, Chewie (Golden Doodle) and Charlotte (Great Dane) Chewie loves tennis balls: Charlotte on her throne.  She’d just been spayed hence the shirt, which gives her a very hip look: Let’s see your pets!

19
catiecangialosi
2 months ago
A
Anonymous
posted in Security News

OKTA announces new identity verification functionality for Zoom video conferencing and collaboration

OKTA, the top independent identity provider, has introduced a new identity verification tool for Zoom meetings that makes use of Okta to validate a conference attendee's identity by email (E2EE). By using this identity authentication and attestation, which is enabled by Okta, you may determine for yourself whether a meeting participant is who they claim to be.All of Zoom's paid users have access to Okta Authentication for E2EE. In the Security tab of the Zoom Web Portal, account administrators for Zoom can enable Okta Authentication for E2EE. A meeting participant can authorise sharing of their identify by turning on the feature in their personal settings after the Zoom account admin has enabled it.Check out the press release at https://www.cxotoday.com/press-release/okta-announces-new-identity-verification-feature-for-zoom-video-conferencing-and-collaboration/ to learn more.

1
Shaiphali Mishra
2 months ago
A
Anonymous
posted in Security News

Cyber-Threat Detections Hit a Record-Breaking 146 billion in 2022

Trend Micro Incorporated, a global cybersecurity leader, today announced a massive 55% increase in overall threat detections in 2022 and a 242% surge in blocked malicious files, as threat actors indiscriminately targeted consumers and organizations across all sectors.To read a full copy of the report, Rethinking Tactics: 2022 Annual Cybersecurity Report, please visit: https://documents.trendmicro.com/assets/rpt/rpt-rethinking-tactics-annual-cybersecurity-roundup-2022.pdf

1
Shaiphali Mishra
2 months ago
A
Anonymous
posted in Security News

The World Economic Forum in 2023 will see a Cyber Storm: Prediction

A far-reaching, catastrophic cyber incident is at least somewhat likely to occur in the next two years, according to the Global Cybersecurity Outlook 2023, which polled 86% of business leaders and 93% of cybersecurity leaders. Furthermore, according to 43% of organizational leaders, a cyberattack is likely to have a significant negative impact on their firm in the next two years.Everyone is worried about cybersecurity, therefore it was given top priority at the most recent World Economic Forum Annual Meeting 2023 in Davos, Switzerland. The CEO of Cloudflare, Matthew Prince, stressed the seriousness of cyber insecurity at the gathering. Also, he stated that 2023 will be a busy year for cyberattacks. Throughout the conference, several executives reiterated his thoughts and worries.Many business executives place a strong emphasis on security, which means preventing cyberattacks on their company. Along with minimizing vulnerabilities, businesses and governments must make sure they can swif

2
Udipt Bhuyan
2 months ago
A
Anonymous
posted in Security News

Hacker Attack Wisconsin Court System

Court officials reported Thursday that hackers had targeted the computer network of the Wisconsin court system.Court officials released a statement saying that a hack started early this week. Network users might have encountered patchy service or slower-than-usual response times from online services, according to court officials. When asked explicitly when the attack started and whether it was still going on, courts spokesman Tom Sheehan said in an email that he was unaware of any new information.The message implied that the attack was still going on Thursday afternoon by advising lawyers or self-represented litigants who might have trouble electronically filing documents to get in touch with the clerk of court in their particular counties.In this attack, no data was compromised as a result of the incident, and court business is proceeding normally across the state.The major issue caused by the cyberattack was poor service or longer than usual response times. 

2
A
2 months ago
A
Anonymous
posted in Security News

Shoreline college websit hacked officials investigating

Students and employees at Shoreline Community College were forced to switch to virtual work this week as a result of a ransomware attack. To deal with the inconvenience, the institution has purchased mobile hot spots, but there are not enough for everyone. In order to share developments and address concerns, campus spokesperson Cat Chiappa has hosted Zoom sessions and written emails. The college acknowledged the occurrence in a message to the public.If a ransomware assault at Shoreline Community College led to a data compromise of sensitive information, officials have not yet confirmed it. An educational institution in the Puget Sound region has experienced disruption twice this year as a result of questionable computer network activity. A joint warning about ransomware attacks from unscrupulous actors targeting the education sector was released by three federal agencies.

2
A
2 months ago
A
Anonymous
posted in Water Cooler Talk

Fun Friday: What video games are you playing currently?

I, myself, have acquired a crippling Brotato addiction.  Coupled with the Steam Deck, it’s a lethal combination:https://store.steampowered.com/app/1942280/Brotato/Even worse, they just released it on mobile so now I can play on my phone.What games are you enjoying at the moment?  Anyone playing the Diablo 4 beta? 

9
A
2 months ago
A
Anonymous
posted in Water Cooler Talk

Fun Friday: What languages do you speak?

I was lucky enough to spend some time in France as a kid, so I’m fluent in English, French, and I have some limited German comprehension.  How about you, what languages do you speak?  (Feel free to include programming languages too 😀) 

6
A
2 months ago
A
Anonymous
posted in Security News

Bitcoin ATMs Hacked

Over the weekend, General Bytes disclosed that customers' and the company's CASes had lost more than $1.5 million worth of bitcoin. An unidentified threat actor used this interface to upload and run a malicious Java application in order to pull off the heist. This threat actor did so by taking advantage of a previously unidentified vulnerability. The actor then took around 56 Bitcoin, or $1.5 million, from several hot wallets. 15 hours after becoming aware of the vulnerability, General Bytes patched it, but the losses were irrecoverable because of how cryptocurrencies operate.The hacker gained access to the company's database as a result of the attack, reading and decrypting API keys that are used to transmit money from hot wallets and exchanges and access cash there as well as download user names and password hashes. Then turn off 2FAThe General Bytes Cloud service and other GB ATM operators running their servers on Digital Ocean (our preferred cloud hosting provider) were among the C

3
A
2 months ago
A
Anonymous
posted in Security News

CISA Finds Critical Security Vulnerabilities in Industrial Control Systems Alarming

On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued eight Industrial Control Systems (ICS) recommendations highlighting serious vulnerabilities impacting products from Rockwell Automation and Delta Electronics.This covers 13 security flaws in InfraSuite Device Master, a real-time device monitoring programme from Delta Electronics. The problems exist in all releases prior to 1.0.5.According to CISA, successful exploitation of these flaws might provide an unauthenticated attacker access to files and credentials, grant them further rights, and allow them to remotely execute arbitrary code.The most serious weakness on the list is CVE-2023-1133 (CVSS rating: 9.8), which is caused by the fact that InfraSuite Device Master accepts unauthenticated UDP packets and deserializes the data, enabling an unauthenticated remote attacker to execute arbitrary code.The CISA issued a warning on two further deserialization weaknesses, CVE-2023-1139 (CVSS score: 8.8) and CVE-

3
A
2 months ago
A
Anonymous
posted in Share your best practices

Poll: Who's your preferred cloud provider, from the big three?

Feel free to add in why you like your choice in the comments!

8
A
2 months ago
Udipt Bhuyan
Udipt Bhuyan
asked in Security News

DDoS (Distributed Denial of Service) attacks are a major concern in today's Internet security.

Google's Threat Analysis Group (TAG) published a blog update on October 16, 2020, outlining how threats and threat actors are adapting their strategies in light. Similarly GitHub, was hit with a DDoS attack that clocked in at 1.35 terabits per second and lasted for roughly 20 minutes. According to GitHub, the traffic was traced back to “over a thousand different autonomous systems (ASNs) across tens of thousands of unique endpoints.”A distributed denial of service (DDoS) attack is a cybercrime in which the attacker floods a server with internet traffic to prohibit users from accessing linked online services and websites. It is a brute-force attempt to slow down or fully crash a server. https://portswigger.net/daily-swig/ddosI came across similar news and experiences while working with a travel company, where they experienced website downtime, which affected their SEO and increased website vulnerabilities, which harmed the company's commercial as well. As a result, they took too long to

4
A
2 months ago
A
Anonymous
posted in Water Cooler Talk

Interview with John Steven

This is the first in a series of interviews with ThreatModeler employees, founders and community members.  Today we’ll learn more about @John Steven, our CTO: Tell us a bit about yourself.I am first and foremost a curious engineer. I enjoy tearing things down, understanding how they work, and improving them. I've rebuilt cars and motorcycles, homes, cocktails, and cocktail bars. Professionally, I've applied this to OSS and production software, hardware, security programs, and security startups. Quality and craftspersonship are the things I appreciate most. Studying and appreciating what others have been capable of crafting is a joy and I've devoted particular time to food, beverage, and software design. Finally, I'm a father of two boys. More than anything else in my life this is what provides me joy and purpose.How did you come to work at ThreatModeler?I have followed what Archie has been building at ThreatModeler since the beginning. At the time my firm was the largest consulting pro

0
A
2 months ago
Shaiphali Mishra
Shaiphali Mishra
asked in Security News

Threat Modeling Tools Market to Experience Rapid Expansion, Worth $1.6 Billion by 2027.

Expansion of the Threat Modeling Tools Market and its estimated worth of $1.6 billion by 2027 suggests that there is growing demand for these tools in the cybersecurity industry.Read Full Article- https://finance.yahoo.com/news/threat-modeling-tools-market-worth-163000694.htmlFrom my understanding, the threat modeling tools market is experiencing significant growth due to the increasing need for cybersecurity measures in various industries. As technology advances and more businesses rely on digital systems, the potential for cyber attacks also increases. Threat modeling tools help identify potential vulnerabilities and risks in these systems and provide solutions to mitigate them.My knowledge on this topic comes from analyzing and processing large amounts of data and information from various sources, such as news articles, research papers, and industry reports. Through natural language processing and machine learning algorithms, I can understand and interpret complex information and pr

7
Shaiphali Mishra
2 months ago
Udipt Bhuyan
Udipt Bhuyan
posted in Water Cooler Talk

FUN FRIDAY: Art Mango was so much fun for us! We collaborate as a team and treat our crew like family. Describe some of your favourite team-building exercises.

Check out the post from the ThreatModeler team's visit to Art Mango's Paint & Sip event.https://www.linkedin.com/posts/threatmodelersoftware_teambuilding-team-worktogether-activity-7041022668493492224-CAQW/?utm_source=share&utm_medium=member_desktopBack in my working days, I participated in Life's Best Moments activities and Escape game activities. Escape rooms are a fun way for your team to work together to solve puzzles and challenges in order to escape a locked room. This activity requires teamwork, communication, and problem-solving skills, and the Life's Best Moments activity requires participants to step outside of their comfort zones. This activity is great for getting people out of their comfort zones and building meaningful working relationships.Give your thoughts on the most effective team-building exercises you've used?

4
Sudhakanta Mohanty
2 months ago
A
Anonymous
posted in Security News

New attack vector: poisoning training datasets for machine learning

From the abstract:Deep learning models are often trained on distributed, webscale datasets crawled from the internet. In this paper, we introduce two new dataset poisoning attacks that intentionally introduce malicious examples to a model's performance. Our attacks are immediately practical and could, today, poison 10 popular datasets. Our first attack, split-view poisoning, exploits the mutable nature of internet content to ensure a dataset annotator's initial view of the dataset differs from the view downloaded by subsequent clients. By exploiting specific invalid trust assumptions, we show how we could have poisoned 0.01% of the LAION-400M or COYO-700M datasets for just $60 USD. Our second attack, frontrunning poisoning, targets web-scale datasets that periodically snapshot crowd-sourced content -- such as Wikipedia -- where an attacker only needs a time-limited window to inject malicious examples. In light of both attacks, we notify the maintainers of each affected dataset and reco

5
A
2 months ago
Udipt Bhuyan
Udipt Bhuyan
posted in Security News

Changing cybersecurity compliance puts higher education under pressure.

Higher education institutions are under pressure as a result of new cybersecurity compliance regulations. With an increasing amount of sensitive data being stored on digital platforms, it is critical to ensure that cybersecurity safeguards are in place to protect the information.CISA is proposing a new rule that would require covered entities to report cyber incidents and ransomware payments to CISA within hours.https://www.securitymagazine.com/articles/99063-new-cybersecurity-compliance-puts-pressure-on-higher-educationThis is in response to the increasing frequency and severity of cyberattacks and ransomware incidents, which can have serious consequences for critical infrastructure and educational institutions.When I was an engineering student, I attended a state government university where, in our seventh semester, a Communication Engineering paper was leaked online via email and the college's official account was briefly compromised. This security breach caused major concern for th

10
Sudhakanta Mohanty
2 months ago
A
Anonymous
posted in Share your best practices

What tech and security meetups do you go to?

This one is my favorite in Denver, and last week we learned about Karate Labs, which is an awesome open source tool for API testing (functional mostly, but could also be used for security tests):https://www.linkedin.com/posts/ourythomas_great-meetup-today-in-denver-with-team-karate-activity-7039467559452123136-r17PWhat meetups do you attend regularly to stay up to date and network?

8
Sudhakanta Mohanty
2 months ago
A
Anonymous
asked in Security News

Heart Device Maker Says Hack Affected 1 Million Patients

https://www.govinfosecurity.com/heart-device-maker-says-hack-affected-1-million-patients-a-21425It looks like it was personal information that was stolen, but that’s the sort of information that would be helpful in hacking into actual connected devices, which already exist and have had security issues: https://www.ahajournals.org/doi/10.1161/CIRCULATIONAHA.118.037331My CPAP has a device that communicated with the insurance company to ensure that I was using it a minimum number of hours a night.  Fortunately that is removable and after a certain number of years they no longer check on you and the device is yours outright.  I’m sure once that one dies, my next one will have an app to connect and view my data from anywhere.  Not sure if I’ll be enabling that feature.  Anyone else have any connected medical devices?

8
Sudhakanta Mohanty
2 months ago
Terms & ConditionsCookie settings