elefant @elefant

0 posts0 participants0 posts today

**LMG Security** @LMGsecurity@infosec.exchange · Jun 5

LMG Security @LMGsecurity@infosec.exchange

Just released! Our Top Cybersecurity Control selection for Q2 2025 is Continuous Vulnerability Management (CVM).

Why CVM? We’ve analyzed the trends, and today’s threat landscape demands more than periodic scans and reactive fixes. Attackers are exploiting new vulnerabilities within hours, sometimes minutes, of disclosure. You need a program that’s always on, and it’s also becoming a compliance necessity.

Read the analysis on why CVM is the top control for Q2 and how to put it into action: https://www.lmgsecurity.com/why-continuous-vulnerability-management-is-the-top-cybersecurity-control-for-q2-2025/?latest

Continuous vulnerability management image

LMG SecurityWhy Continuous Vulnerability Management Is the Top Cybersecurity Control for Q2 2025 | LMG SecurityContinuous vulnerability management is critical to combat today's cybersecurity threats. Learn why it's our top control for Q2 2025 and how it can reduce your risk.

#Cybersecurity #ContinuousVulnerabilityManagement #VulnerabilityManagement

**Andrew Brandt** @threatresearch@infosec.exchange · Apr 10 *

Apr 10 *

Andrew Brandt @threatresearch@infosec.exchange

It sometimes pays to run domains that serve purely as spam honeypots. Case in point: A spammer has been delivering a ConnectWise commercial remote access client application as a payload in a scam that uses the purported arrival of a US Social Security statement as its hook.

A ...

An email that looks very much like it comes from the Social Security Administration but leads to malware.

It says "We trust that you will find the new format both informative and useful."

Dear reader, it was neither informative nor useful.

#ConnectWise #malware #spam

**The Privacy Foundation** @theprivacyfoundation@mastodon.social · Apr 7

Apr 7

The Privacy Foundation @theprivacyfoundation@mastodon.social

Musk/DOGE is a widely exposed single point of failure for international security. All it takes is for a state to overcome the personal security of inexperienced barely-post-tweens to essentially access all American information. There is no oversight on how the people's data is being handled. This is the worst kind of attack surface possible.

#infosec #doge #maga

**Wulfy** @n_dimension@infosec.exchange · Apr 1

Apr 1

Wulfy @n_dimension@infosec.exchange

Is there an attack/vector "official" report template?

I got an ongoing nation-state attack on one on my properties that I am barely keeping on top of and would like to get some help, but I would like to write it up properly before I cry wolf.

#imfosec #attacksurface is #WP

**AJCxZ0** @AJCxZ0@infosec.exchange · Feb 17

Feb 17

AJCxZ0 @AJCxZ0@infosec.exchange

Assets.

Thank you, @runZeroInc.

#runZero #AssetDiscovery #NetworkDiscovery

**Doug Bostrom** @Doug_Bostrom@scicomm.xyz · Jan 9

Jan 9

Doug Bostrom @Doug_Bostrom@scicomm.xyz

Ideally, security schemes ought to _shrink_ the #AttackSurface.

But shrunken attack surfaces are not very glossy. Complexity must be introduced in order to sell bolting on yet another business plan, products and services.

Here a vulnerability and easy low-skill common point of unauthorized entry was purchased at great cost by customers thinking they were becoming safer, even as by so doing they were expanding the perimeter of their #ThreatHorizon.

https://www.theregister.com/2025/01/09/zeroday_exploits_ivanti/

The Register · Jan 9Zero-day exploits plague Ivanti Connect Secure appliances for second year runningBy Connor Jones

**Secureworks** @Secureworks · Jun 26, 2023

Jun 26, 2023

Secureworks @Secureworks

Our open, extensible architecture provides better visibility across your entire #attacksurface by integrating threat information from your existing and future security investments.

Learn more about the power of Taegis XDR: https://www.secureworks.com/products/taegis/xdr #XDR #Secureworks

**Geekmaster** @Geekmaster · Jun 5, 2023

Jun 5, 2023

Geekmaster @Geekmaster

It's time to start really thinking hard about how to #ProtectAI and ourselves from #AI. Finally, someone is starting the conversation about identifying the #AttackSurface. We need to build upon this as the weeks/months carry on with #LLM like #ChatGPT: https://danielmiessler.com/blog/the-ai-attack-surface-map-v1-0/?mc_cid=e624e51c73&mc_eid=f3b7f7e36f

Daniel MiesslerThe AI Attack Surface Map v1.0Introduction Purpose Components Attacks Discussion Summary Introduction This resource is a first thrust at a framework for thinking about how to attack AI

Recent searches

Search options

Administered by:

Server stats:

#attacksurface