🚨 CISA KEV (1)
25 Dec | KEV | Understanding the NSA’s latest guidance on managing OSS and SBOMs
Software supply chain security continues to be a critical topic to the cybersecurity and software industry, and for good reason — from continued attacks against large software vendors to attackers' malicious focus on the open-source software ecosystem by attackers it is front and…
CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (1)
25 Dec | OWASP SAMM - Software Assurance Maturity Model - Sebastian Deleersnyder - ASW Vault
We will provide a short introduction to OWASP SAMM, which is a flagship OWASP project allowing organizations to bootstrap and iteratively improve their secure software practice in a measurable way. Seba will explain the SAMM model, consisting of 15 security practices. Every secur…
YOUTUBE.COM
🕵️ THREAT INTELLIGENCE (2)
25 Dec | Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies
The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone…
THEHACKERNEWS.COM

25 Dec | Security Maturity: From Hostage Negotiator to Business Leader - Sandy Dunn - BSW Vault
Throughout her career, Sandy Dunn has continued to mature and refine her skills. In the early days, she describes her job as a "hostage negotiator", constantly negotiating between the business teams and the security team. But as you mature, so does your approach to security. Now,…
YOUTUBE.COM