BLOG
August 2, 2022
Cybersecurity Maturity Model Certification (CMMC) Program – Part 3
Cybersecurity Maturity Model Certification (CMMC) 2.0 is a certification framework implemented by the US Department of Defense (DoD) to protect the information and ingenuity pertinent to US national security that is used in the process of, and for the sake of, procurement by independent contractors. Depending on the type of information they access and process, contractors are required to acquire certification at the relevant level, one of three available tiers, as prescribed by the requirements and model of assessment.
TRITON’s Tactics and Techniques in the Enterprise domain + mitigations – Part 6
29.07.2022
TRITON malware was first identified in 2017 during an attack on a Saudi Arabian petrochemical plant, and it targets Schneider Electric’s Triconex Tricon controllers. This was the first time in history that safety instrumented systems were targeted with the intention of making them fail, potentially leading to serious damage to property and harm to people. TRITON’s toolbox contains eleven of the fourteen tactics mapped by the MITRE ATT&CK Matrix for Enterprise, the universally renowned knowledge base of adversary tactics and techniques based on real-world observations.
Smart Meters in the context of Smart Grid and AMI architecture. Security, Vulnerability and Best Practice – Part 2
28.07.2022
The power grid, one of the most crucial pieces of critical infrastructure, is at the top of the list of interest for various APTs (Advanced Persistent Threat – a stealthy threat actor, typically a nation state or state-sponsored) and other threat actors. Hence, the security testing of solutions such as Advanced Metering Infrastructure (AMI) and Smart Meters, as well as of their security solutions, must be of the highest standard. In this series of articles, SEQRED presents the topic of Smart Meter security in the wider context of the Smart Grid and the AMI architecture.
Cybersecurity Maturity Model Certification (CMMC) Program – Part 2
26.07.2022
Cybersecurity Maturity Model Certification (CMMC) 2.0 is a certification framework implemented by the US Department of Defense (DoD) to protect the information and ingenuity pertinent to US national security that is used in the process of, and for the sake of, procurement by independent contractors. Depending on the information they access and process, contractors are required to acquire certification at the relevant level, as prescribed by the requirements and model of assessment. For Level 1 (Foundational) – assessment of the following areas is subject to audit:
TRITON’s Tactics and Techniques in the Enterprise domain + mitigations – Part 5
22.07.2022
TRITON malware was first identified in 2017 during an attack on a Saudi Arabian petrochemical plant, and it targets Schneider Electric’s Triconex Tricon controllers. This was the first time in history that safety instrumented systems were targeted with the intention of making them fail, potentially leading to serious damage to property and harm to people. TRITON’s toolbox contains eleven of the fourteen tactics mapped by the MITRE ATT&CK Matrix for Enterprise, the universally renowned knowledge base of adversary tactics and techniques based on real-world observations.
Smart Meters in the context of Smart Grid and AMI architecture. Security, Vulnerability and Best Practice – Part 1
21.07.2022
Over the next four Thursdays, SEQRED’s blog entries will be devoted to the topic of Smart Meter security in the wider context of the Smart Grid and the AMI architecture. We will: present a synopsis of the AMI architecture; conduct a vulnerability assessment of the AMI system, including a security overview of a Smart Meter; execute a controlled attack on a Smart Meter; and present the cybersecurity best practice for AMI infrastructure. The blog entries are based on an article by Krzysztof Swaczyński, board member of SEQRED, published in late May in the Data Cybersecurity & Privacy Magazine under the title
Cybersecurity Maturity Model Certification (CMMC) Program – Part 1
18.07.2022
The Cybersecurity Maturity Model Certification (CMMC) Program is a certification program introduced by the U.S. Department of Defense to protect national security information in response to the increasingly frequent and complex cyberattacks on the Defence Industrial Database (DIB). The programme’s goal is to preserve American ingenuity and national security. To achieve this, in view of the constantly evolving landscape of cyber threats, the DoD devised CMMC 2.0 to dynamically improve DIB cybersecurity and help safeguard the information that supports and enables the supply chain.
TRITON’s Tactics and Techniques in the Enterprise domain + mitigations – Part 4
15.07.2022
Part 4 of the TRITON tactics and techniques series covers the Credential Access techniques for stealing credentials such as account names and passwords. Techniques used to get credentials include keylogging or credential dumping. Using legitimate credentials can give adversaries access to systems, make them harder to detect, and provide the opportunity to create more accounts to help achieve their goals. These techniques have been mapped by MITRE ATT&CK in their universally renowned knowledge base of adversary tactics and techniques based on real-world observations.
TRITON’s Tactics and Techniques in the Enterprise domain + mitigations – Part 8
13.07.2022
TRITON malware was first identified in 2017 during an attack on a Saudi Arabian petrochemical plant, and it targets Schneider Electric’s Triconex Tricon controllers. This was the first time in history that safety instrumented systems were targeted with the intention of making them fail, potentially leading to serious damage to property and harm to people. TRITON’s toolbox contains eleven of the fourteen tactics mapped by the MITRE ATT&CK Matrix for Enterprise, the universally renowned knowledge base of adversary tactics and techniques based on real-world observations.
Man in the Middle Attacks & Mitigation
12.07.2022
What is a Man in the Middle attack? A Man in the Middle (MITM) attack is a type of cyber attack in which an attacker intercepts and relays messages between two parties who believe they are communicating with each other. MITM attacks pose a serious threat to online security because the attacker can capture and manipulate sensitive data, such as login credentials, account details or credit card numbers, in real time. Depending on their intentions, the attacker can passively eavesdrop on the communication or actively change the content of the information they intercept.