What’s new for TIBER-EU? 本文总结了更新后的TIBER-EU框架，结合DORA TLPT要求，介绍了关键功能（CIFs）的定义与数量限制、角色与责任细化、多党及多司法管辖区测试、测试流程优化、场景与威胁情报报告要求以及紫队作为强制步骤等内容。... 2025-2-14 13:4:9 | 阅读: 23 | 收藏 | NVISO Labs - blog.nviso.eu tiber purple tlpt teaming dora

Backups & DRP in the ransomware era In today’s digital landscape, the threat of ransomware has forced organi... 2025-1-29 07:30:0 | 阅读: 22 | 收藏 | NVISO Labs - blog.nviso.eu backup cloud ransomware principles

Detecting Teams Chat Phishing Attacks (Black Basta) Attack DescriptionFor quite a while now, there has been a new ongoing... 2025-1-16 07:32:14 | 阅读: 31 | 收藏 | NVISO Labs - blog.nviso.eu microsoft bombing subjects

Microsoft Purview – Evading Data Loss Prevention policies IntroductionMicrosoft Purview is a comprehensive solution that helps organizations manage an... 2024-12-18 13:45:17 | 阅读: 19 | 收藏 | NVISO Labs - blog.nviso.eu sensitivity microsoft purview dlp security

Your Playbook to a better Incident Response Plan In 2023, 1271 incidents were reported to European Authorities via EIDAS, NISD, and EECC, a 20%... 2024-12-10 15:30:0 | 阅读: 32 | 收藏 | NVISO Labs - blog.nviso.eu defining exercises ransomware crisis blogpost

Building Cyber Resilience Against Ransomware Attacks Or, “Yet another ransomware blog post?”“Yet another ransomware blog post?” I hear you aski... 2024-12-3 17:37:21 | 阅读: 21 | 收藏 | NVISO Labs - blog.nviso.eu ransomware resilience crisis security

Wake up and Smell the BitLocker Keys Many enterprise laptops use BitLocker to provide full disk encryption (FDE) to protect sensitive... 2024-11-26 15:30:0 | 阅读: 15 | 收藏 | NVISO Labs - blog.nviso.eu tpm bitlocker vmk security chip

The Importance of Establishing a Solid Third Party Risk Management Framework for Risk Mitigation In the previous post, we introduced the concept of Third-Party Risk Management (TPRM) and its... 2024-11-19 15:30:0 | 阅读: 21 | 收藏 | NVISO Labs - blog.nviso.eu security parties tprm monitoring criticality

TLPT & ME: Everything you need to know about Threat-Led Penetration Testing (TLPT) in a TIBER world. In our previous post, we published an analysis of current TIBER implementations ahead of DOR... 2024-11-8 15:55:0 | 阅读: 24 | 收藏 | NVISO Labs - blog.nviso.eu tlpt tiber testers dora ict

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 2 – Confidentiality IntroductionIn the first part of this mini-series, we explored briefly what kind of impact... 2024-10-31 16:48:22 | 阅读: 30 | 收藏 | NVISO Labs - blog.nviso.eu datasets

How AI forces us to expand our thinking about basic cybersecurity concepts: Part 1 – Introduction The traditional CIA Triad (Confidentiality, Integrity, and Availability) has long been a corne... 2024-10-31 01:24:4 | 阅读: 17 | 收藏 | NVISO Labs - blog.nviso.eu security cia triad predictable

Hunting for Remote Management Tools: Detecting RMMs In our previous blog post about RMM (Remote Management and Monitoring) tools, we highlighted the pre... 2024-10-21 15:0:0 | 阅读: 35 | 收藏 | NVISO Labs - blog.nviso.eu bomgar remote rmm rmms remoteurl

All that JavaScript for… spear phishing? NVISO employs several hunting rules in multiple Threat Intelligence Platforms and other sources,... 2024-10-2 23:0:0 | 阅读: 35 | 收藏 | NVISO Labs - blog.nviso.eu phishing cryptojs stage decoded malicious

Emergency Accounts: Last Call! read file error: read notes: is a directory... 2024-9-17 18:21:57 | 阅读: 31 | 收藏 | NVISO Labs - blog.nviso.eu emergency fido2 entra microsoft quorum

Introduction to Third-Party Risk Management In today’s world, organizations are increasingly depending on their third-party vendors, s... 2024-9-12 15:0:0 | 阅读: 29 | 收藏 | NVISO Labs - blog.nviso.eu parties tprm security operational procurement

Hunting Chromium Notifications Earlier this year, NVISO identified an active cluster of domains likely tied to social engineeri... 2024-9-6 15:0:0 | 阅读: 26 | 收藏 | NVISO Labs - blog.nviso.eu chromium microsoft chrome interacted

Validate your Windows Audit Policy Configuration with KQL Defining an audit policy in Windows is crucial for making sure that the appropriate security events... 2024-9-5 15:0:0 | 阅读: 38 | 收藏 | NVISO Labs - blog.nviso.eu subcategory security logoff isempty windows

MEGAsync Forensics and Intrusion Attribution When intrusions near completion, adversaries commonly exfiltrate any data... 2024-9-4 15:0:0 | 阅读: 42 | 收藏 | NVISO Labs - blog.nviso.eu statecache mega megasync rubbish maxime

The Big TIBER Encyclopedia TIBER (Threat Intelligence-Based Ethical Red Teaming) is a framework introduced by the European Cent... 2024-8-29 15:0:0 | 阅读: 77 | 收藏 | NVISO Labs - blog.nviso.eu tiber purple teaming leg

From Evidence to Advantage: Leveraging Incident Response Artifacts for Red Team Engagements What is this blog post about?This blog post is about why incident responder artifacts not on... 2024-8-2 17:0:44 | 阅读: 15 | 收藏 | NVISO Labs - blog.nviso.eu windows artifacts microsoft security software