The hottest Network Security Substack posts right now

And their main takeaways
Rod’s Blog 416 implied HN points 22 Jan 24
  1. Jon discovers that the Night Princess was behind the cyber-attacks on his company, manipulating data, planting false clues, and covering her tracks.
  2. Jon uses KQL skills to investigate the Night Princess's activities by analyzing logon events and network events in the company's database.
  3. Collaboration between the Night Princess, CyberGhost, and DarkAngel in the cyber-attacks surfaces, raising questions about the Night Princess's identity and motives.
Rod’s Blog 99 implied HN points 04 Dec 23
  1. Jon and Sofia used KQL queries to identify and isolate an infected computer in the finance department.
  2. The malware was discovered disguised as a legitimate application, hidden in the Recycle Bin to avoid detection.
  3. Jon and Sofia's discovery of the global financial breach hints at a larger, more sinister threat by a group known as Night Princess.
Rod’s Blog 59 implied HN points 04 Oct 23
  1. Drive-by download attacks exploit vulnerabilities to download malicious code without user knowledge. They can lead to data breaches and install malware.
  2. Mitigation strategies include user education, enforcing security policies, monitoring network traffic, and using SIEM services like Microsoft Sentinel.
  3. Microsoft Sentinel can help detect drive-by download attacks by collecting relevant data, enriching it, analyzing with rules and ML, visualizing results, and automating incident response.
Rod’s Blog 59 implied HN points 29 Sep 23
  1. Man-in-the-Middle attacks are serious cyber threats that can lead to data breaches and financial loss for organizations.
  2. Microsoft Sentinel is a powerful tool that leverages AI, machine learning, and integration with Microsoft Defender for Endpoint to detect and mitigate Man-in-the-Middle attacks effectively.
  3. Implementing best practices such as using secure communication protocols, regular system updates, multi-factor authentication, and employee training can further enhance network security against Man-in-the-Middle attacks.
Rhythms of Research 58 implied HN points 17 Sep 23
  1. Not all observables listed in threat intel reporting should be labeled as 'IOCs', as many of them don't indicate compromise.
  2. The distinction between IOCs and non-IOCs in threat hunting can help make threat intel reports more actionable for organizations.
  3. Differentiating between internally-focused threat detection (IOCs) and externally-focused threat hunting (exothrunting) observables can enhance threat detection efforts.
Venture Prose 79 implied HN points 07 Sep 20
  1. In rural areas with poor wired connections, consider coupling your Free.fr Internet subscription with an unlimited 4G plan for better coverage and speed.
  2. Invest in the necessary equipment, such as a 4G router, antenna, load balancer, and mesh network, to optimize and distribute your 4G connection throughout your home effectively.
  3. Despite the initial investment in equipment, once set up, the cost for an unlimited 4G plan is relatively affordable at 15.99€, offering improved Internet speed and reliability.
relaymonkey 2 HN points 14 Apr 23
  1. Be cautious of the information exposed in TLS/SSL certificates, as it can significantly expand the attack surface for malicious actors.
  2. Utilizing tools like Simple Hostname Discovery (SHD) can help identify potential security risks in the SAN field of certificates.
  3. Prevent misuse of the SAN field in certificates by using dedicated certificates for each hostname, rotating certificates regularly, and implementing SSL certificate pinning for mobile applications.
ussphoenix 1 HN point 17 Mar 23
  1. Autonomous Moving Target Defense (AMTD) aims to enhance system security by dynamically changing the attack surface.
  2. AMTD includes proactive cyber defense mechanisms, automation, deception technologies, and intelligent change decisions.
  3. AMTD is crucial in cybersecurity strategies to protect against evolving threats, especially with the increasing adoption of cloud applications.
CyberSecurityMew 0 implied HN points 06 Jun 23
  1. FengtaiSec completed a 120 million yuan B+ round financing on June 6, 2023, mainly for strategic layout and technological innovation.
  2. The industrial network security industry in China is advancing rapidly due to innovation and extensive applications in various sectors.
  3. Investors in FengtaiSec highlighted the company's innovation in the industrial security sector and its potential in safeguarding digitalization in industrial settings.
CyberSecurityMew 0 implied HN points 26 Jul 23
  1. WebRay, a leading network security firm in China, had a successful IPO on the Shanghai Stock Exchange's Sci-Tech Innovation Board, with a strong opening on its first day of trading.
  2. WebRay aims to bring order to cyberspace and focus on national security strategies, investing in research and development of network information security.
  3. WebRay is dedicated to offering innovative security products and solutions, aiming to be a growth-oriented and efficient digital network security provider in the new era.
CyberSecurityMew 0 implied HN points 27 Nov 23
  1. The concept of Remote Browser Isolation (RBI) was first developed and deployed in 2010 at the Lawrence Livermore National Laboratory, known as SafeWeb.
  2. RBI technology, integrated into the Secure Access Service Edge (SASE) framework, helps protect against web-based threats by isolating user web browsing activity from internal networks.
  3. Implementing RBI, as recommended by CISA, is widely accepted as a strategic architecture decision by large organizations dedicated to a zero-trust approach, helping reduce attack surface and enhance cybersecurity.
CyberSecurityMew 0 implied HN points 04 Feb 24
  1. The US is intensifying its methods to press China in the tech sector, aiming to block and hunt down Chinese tech.
  2. Foreign hackers, especially those with government backing, target China's key information infrastructure, posing a severe threat to national security.
  3. Illegal cross-border data transfers and underground data trading on the dark web are significant risks for data security.
Coin Metrics' State of the Network 0 implied HN points 27 Feb 24
  1. The Total Cost to Attack (TCA) metric introduced in the research is a valuable tool for assessing the economic viability of potential threats to Bitcoin and Ethereum networks.
  2. Analyzing the economics of potential attacks on blockchain networks highlights significant economic disincentives for attackers: the estimated cost to compromise Bitcoin ranges from $5B to $20B, and Ethereum's is around $34 billion, both prohibitively high.
  3. The study emphasizes the security mechanisms of major blockchain networks like Bitcoin and Ethereum, indicating a promising future for the cryptocurrency industry amidst market growth.
Dataplane.org Newsletter 0 implied HN points 04 Apr 23
  1. Dataplane.org reflected on 2022 to analyze what went well, improved the website, moved social presence to Mastodon, and boosted backend infrastructure.
  2. Insights from DNS queries revealed top unsolicited queries like www.google.com and common passwords like '123456'.
  3. Dataplane.org is preparing a public archive, planning for tax season, and welcoming donations for continuous availability of Signals data.