I'd like to get some input from the CIN community regarding Cyber Threats.
What do you see as top ones???
Michael, your 2cents is more like a dollar!!! Thank you for your input!!!
The answer may vary by country, area of Industry / Government, or Critical Infrastructure.
APT for sure. Ransomware are a pain, since they copy data before.
Social Engineering with insider threats will work as long as people access data.
Depending on the Source:
10. Supply Chain Attacks
9. Man-in-the-Middle (MitM) Attacks (on Path)
8. Distributed Denial of Service (DDoS) Attacks
7. Malware
6. Insider Threats
5. Advanced Persistent Threats (APTs)
4. Internet of Things (IoT) Attacks
3. Cloud Vulnerabilities (CrowdStrike, Microsoft Master Key Azure Problem)
2. Ransomware Attacks
1. Social Engineering and Phishing
I can agree to that list. And some threats are connected.
And since the World turns more back to blocks, Cyber Warfare against Critical infrastructure and Political Influence with Voting...
Just my 2c
Michael
Poor users Thanks Gregory for the OWASP link!!!
The users
Aside from the users, here is a great list
OWASP Top Ten | OWASP Foundation
The OWASP Top 10 is the reference standard for the most critical web application security risks. Adopting the OWASP Top 10 is perhaps the most effective first step towards changing your software development culture focused on producing secure code.
owasp.org
Hey Mr. Butler, what did Lee ever do to you
I would add this to this and say @Lee McWhorter with a Flipper Zero.
That's some scary stuff right there.
/r
Not a thing! But Lee does like to frequent places like Defcon and Blackhat.
Hey Mr. Butler, what did Lee ever do to you
Mr. Brian Ford, your response fits in the category of "Out-of-the-box" thinking!!! Very original, and most insightful!
I started this Monday ritual a couple of years ago. If there is a Monday holiday, it shifts to Tuesday morning.
The first thing I do is check for any updates to the software I use on my business systems. That's Windows 10 and 11 Pro AND a list of applications that I rely on. I also check my cloud accounts at AWS, Google, and Azure (in that order). The next thing I do is look at the NVD dashboard at https://nvd.nist.gov/general/nvd-dashboard.
Some students have asked why I look at the NVD early in the week since the site reports the number of CVEs filed weekly. I'm focused on 'This Month,' 'Last Month,' and 'This Year' data. I view the daily or weekly data as insignificant because it fluctuates wildly. I also look at the 'Last 20 scored..' data to see if any of the software or solutions I use have recently posted or updated CVEs.
My next stop is the KEV Catalog https://www.cisa.gov/known-exploited-vulnerabilities-catalog . The Known Exploited Vulnerabilities Catalog is an intel data source that didn't make the Security+ SY0-701 objective cut (much to my disappointment). The KEV Catalog is an extremely valuable tool to identify what vulnerabilities threat actors are using now.
I maintain a list of software I use in a spreadsheet (with the Support URL and end date if the software is licensed) and keep telling myself that I should spend the time to automate this process. I haven't gotten around to that yet.
So, my long answer to Professor Chandler's question about the top cyber threats is 'the ones that can hurt me.'
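An added example, not part of the original posts: one way to automate the weekly check described above, by matching a software inventory against KEV Catalog records added since the last review. The inventory columns, the word-overlap matching rule and all sample records (including the placeholder CVE IDs) are assumptions made for illustration; only the JSON field names follow CISA's KEV feed.

```python
import csv, io, json, re
from datetime import date

# Constructed inventory in the shape of the spreadsheet described above.
INVENTORY_CSV = """vendor,product,support_url,support_end
Microsoft,Windows 11 Pro,https://example.com/windows,
ExampleSoft,Backup Agent,https://example.com/backup,2024-06-30
Contoso,PDF Reader,https://example.com/pdf,2027-12-31
"""

# Constructed records using the field names of CISA's KEV JSON feed.
# The CVE IDs, vendors and dates are placeholders, not real catalog entries.
KEV_JSON = """{"vulnerabilities": [
 {"cveID": "CVE-0000-0001", "vendorProject": "Microsoft", "product": "Windows",
  "dateAdded": "2024-09-10", "dueDate": "2024-10-01", "knownRansomwareCampaignUse": "Known"},
 {"cveID": "CVE-0000-0002", "vendorProject": "ExampleSoft", "product": "Backup Agent",
  "dateAdded": "2024-03-01", "dueDate": "2024-03-22", "knownRansomwareCampaignUse": "Unknown"},
 {"cveID": "CVE-0000-0003", "vendorProject": "OtherVendor", "product": "Router OS",
  "dateAdded": "2024-09-12", "dueDate": "2024-10-03", "knownRansomwareCampaignUse": "Unknown"},
 {"cveID": "CVE-0000-0004", "vendorProject": "Contoso", "product": "PDF Reader",
  "dateAdded": "2024-09-05", "dueDate": "2024-09-26", "knownRansomwareCampaignUse": "Unknown"}
]}"""

def _tokens(text):
    return set(re.findall(r"[a-z0-9]+", text.lower()))

def load_inventory(text):
    return list(csv.DictReader(io.StringIO(text)))

def kev_hits(inventory, catalog, since):
    """KEV entries added on or after `since` that match an inventory row.
    Heuristic: same vendor, and every word of the KEV product name appears in
    the inventory product name ("Windows" matches "Windows 11 Pro")."""
    hits = []
    for vuln in catalog["vulnerabilities"]:
        if date.fromisoformat(vuln["dateAdded"]) < since:
            continue  # already reviewed in an earlier week
        product = _tokens(vuln["product"])
        for row in inventory:
            if (product and product <= _tokens(row["product"])
                    and _tokens(vuln["vendorProject"]) == _tokens(row["vendor"])):
                hits.append((row["product"], vuln["cveID"], vuln["dueDate"],
                             vuln["knownRansomwareCampaignUse"] == "Known"))
    return sorted(hits, key=lambda hit: hit[2])  # earliest due date first

if __name__ == "__main__":
    inv = load_inventory(INVENTORY_CSV)
    for hit in kev_hits(inv, json.loads(KEV_JSON), since=date(2024, 9, 1)):
        print(hit)
```

The word-overlap match is deliberately loose, so treat each hit as a prompt to read the catalog entry rather than as a confirmed exposure.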