Cyber intelligence – assessing an adversary’s capabilities, intentions, and activities in the cyber domain – should support and inform the entirety of an organization’s network operations, including offensive and defensive processes. Though essential to an organization’s cyber activities, cyber intelligence as a professional discipline is relatively emergent, particularly its unique tradecraft – a blend of technical knowledge (e.g., network operations, communications, and perhaps digital forensics or malware reverse engineering) and classic analytic skills (e.g., hypothesis and alternative testing).

(more…)

What is Credential Dumping?
When the term password cracking is used in the cyber world, it is being used as a broad concept as it shelters all the methods related to attacking/dumping/retrieving passwords of the victim/target. But today, in this article we will solely focus on a technique called Credential Dumping. Credential dumping is said to be a technique through which username and passwords are extracted from any login account from the target system. It is this technique that allows an attacker to get credentials of multiple accounts from one person. And these credentials can be of anything such as a bank, email account, social media account, wireless networks.

(more…)

Globally, governments have been forced to act quickly in response to COVID-19 and to find new ways of working.

In many instances this has been effective, but it has also come at the expense of some of the usual rigor and diligence that is expected and required of governments. To support people and economies, governments have had to relax spending rules, implement changes rapidly and take shortcuts that may expose them to risk.

The risk landscape in the post-pandemic new reality will likely be one that has accumulated through each phase of the crisis

Click to download

Become a CISSP – Certified Information Systems Security Professional

Accelerate your cybersecurity career with the CISSP certification.

Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise and become an (ISC)² member, unlocking a broad array of exclusive resources, educational tools, and peer-to-peer networking opportunities.

Prove your skills, advance your career, help earn the salary you want and gain the support of a community of cybersecurity leaders here to support you throughout your career

Click to download

Based on technical assistance to central banks by the IMF’s Monetary and Capital Markets Department and Information Technology Department, this paper examines fintech and the related area of cybersecurity from the perspective of central bank risk management. The paper draws on findings from the IMF Article IV Database, selected FSAP and country cases, and gives examples of central bank risks related to fintech and cybersecurity.

The paper highlights that fintech- and cybersecurity-related risks for central banks should be addressed by operationalizing sound internal risk management by establishing and strengthening an integrated risk management approach throughout the organization, including a dedicated risk management unit, ongoing sensitizing and training of Board members and staff, clear reporting lines, assessing cyber resilience and security posture, and tying risk management into strategic planning.. Given the fast-evolving nature of such risks, central banks could make use of timely and regular inputs from external experts.

Click to download