#SecurityProfessionals

Headlines Africa africa@journa.host
2025-03-17

Africa: William Kabogo to Headline Africa Ciso Summit: [Capital FM] The stage is set for the biggest gathering of cybersecurity professionals in Africa, the second edition of the Africa CISO Summit. newsfeed.facilit8.network/TJZj #Africa #Cybersecurity #CISOSummit #SecurityProfessionals #TechConference

Reade D. Edwardson readeedwardson
2024-10-03

The stress levels of cybersecurity professionals are on the rise due to the increasing complexity of threats. Organizations must provide adequate mental health support to ensure the well-being of their security teams. Read more about this issue here: helpnetsecurity.com/2024/10/02

Rubén Santos García rsgbengi@infosec.exchange
2024-01-21

Delve into #activedirectory with my latest article! 🚀 Discover the impact of Account Operators, Backup Operators, & Event Log Readers in #offensivesecurity Ideal for #infosec buffs! Read more: kayssel.com/post/interesting-g

#cyberdefense #techinsights #securityprofessionals #cybersecurity

🛡 H3lium@infosec.exchange/:~# :blinking_cursor: H3liumb0y@infosec.exchange
2023-11-02

"Revolutionizing Vulnerability Management: Introducing CVSS 4.0 πŸš€"

The cybersecurity realm takes a significant leap with the release of CVSS 4.0 by FIRST. This new framework enhances precision in vulnerability assessments, especially for OT/ICS/IoT environments, and introduces new metrics like Automatable and Recovery. A game-changer for security professionals! 🛡️💡

Common Vulnerability Scoring System Version 4.0 (CVSS v4.0) is an updated standard for assessing the severity of security vulnerabilities. Unlike its predecessor, CVSS v4.0 emphasizes that it comprises not only the Base score but also incorporates additional factors.

CVSS v4.0 introduces new terminology, such as CVSS-B, CVSS-BT, CVSS-BE, and CVSS-BTE, to represent various combinations of scores. It provides more precise details with the introduction of new Base metrics like Attack Requirements (AT) and User Interaction (UI) values (Passive and Active).

The impact assessment is refined, separating the impact on Vulnerable Systems and Subsequent Systems. Temporal metrics are now part of the Threat metric group, simplifying the assessment. Remediation Level (RL) and Report Confidence (RC) have been retired, replaced by clearer values in Exploit Maturity (E).

A new Supplemental Metric Group adds extrinsic attributes like Safety, Automatability, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency. CVSS v4.0 also places more emphasis on Operational Technology (OT), Industrial Control Systems (ICS), and Safety, with assessments for Consumer-assessed Safety and Provider-assessed Safety.

CVSS v4.0 enhances the precision and comprehensiveness of vulnerability assessments, making it a valuable tool for evaluating and prioritizing security risks.

Source: BleepingComputer

Tags: #CVSS4 #Cybersecurity #VulnerabilityManagement #FIRST #OT #ICS #IoT #SecurityProfessionals #InfoSec

Author: Sergiu Gatlan - Reach out on Twitter

Blue Cat Defends! bluecat@ioc.exchange
2023-04-07

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get overridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

infosecurity-magazine.com/news

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

Matt Bryden dibjir@c.im
2022-12-01

An honest and insightful article that is important to many researchers and analysts of terrorism and violent conflict who do not necessarily belong to the intelligence community. #intelligence #securityprofessionals #trauma #ptsd
politico.com/news/magazine/202

2022-11-22

The entire Ubuntu Jammy repository's *.deb files scanned for setuid binaries:
oxasploits.com/code/deb_suid.t
#infosec #security #securityprofessionals #hacking

2022-11-21

🖥️ Check out oxasploits' services selection. Let us build a firewall or do a code review for you today! 👌
oxasploits.com/services/
#hacking #infosec #security #securityprofessionals

Joe Shenouda Cyber-Consult.org shenouda@cybersecurity.masto.host
2022-11-14

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals. Read more: cybersec.ermetic.com/s/ibm-cos #IBM #securityprofessionals #data #cloud
