[go: nahoru, domu]

WO2020060503A1 - An email threat simulator for identifying security vulnerabilities in email protection mechanisms - Google Patents

An email threat simulator for identifying security vulnerabilities in email protection mechanisms Download PDF

Info

Publication number
WO2020060503A1
WO2020060503A1 PCT/TR2018/050512 TR2018050512W WO2020060503A1 WO 2020060503 A1 WO2020060503 A1 WO 2020060503A1 TR 2018050512 W TR2018050512 W TR 2018050512W WO 2020060503 A1 WO2020060503 A1 WO 2020060503A1
Authority
WO
WIPO (PCT)
Prior art keywords
email
attack
security systems
vulnerabilities
ets
Prior art date
Application number
PCT/TR2018/050512
Other languages
French (fr)
Inventor
Ozan UÇAR
Original Assignee
Ucar Ozan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ucar Ozan filed Critical Ucar Ozan
Priority to PCT/TR2018/050512 priority Critical patent/WO2020060503A1/en
Publication of WO2020060503A1 publication Critical patent/WO2020060503A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1433Vulnerability analysis

Definitions

  • the present disclosure relates to an email threat simulator for identifying security vulnerabilities in email servers and existing email protection mechanisms and automatically fix them to provide remediation services and regular testing of technology environment.
  • US20130232576A1 discloses a computer system security and more specifically to scalable cyber-threat detection systems and methods that systematically and automatically execute and monitor code within a secure isolated environment to automatically identify and filter out malicious code so that it is not executed on a live system.
  • the system works on an isolated environment and does not let to maintain a‘real world’ testing and therefore tested environment will be interrupted until the end of the testing process.
  • ETS email threat simulator
  • IOC indicators of compromise
  • exploitation frameworks as well as manual sources, to constantly maintain an up-to-date set of attack types.
  • ETS generates the attacks that sends more than 240 known and current attack vector types including ransomware, browser exploits, malicious code and attachments and file format exploits to the test mailbox and check their status.
  • ETS allows to conduct real-world tests for cyber-security risks, instead of monitoring traffic between the server and client which is insufficient for antispam, antivirus and email services.
  • ETS has some unique methods:
  • ETS provides‘real world’ testing rather than testing active network devices by just moving traffic which is insufficient ETS includes integrated cyber intelligence services. Simple to configure and does not require any installation or complicated server-side setup unlike known vulnerability scanning services.
  • ETS includes integrated cyber intelligence engines. Thus, it allows a user to take action against the cyber-attacks and its outcomes, early by learning sensitive data belonging to the company (email address, password, domains similar to domain name, etc.) from leaked data and anonymous sources in dark/deep web.
  • Figure 1 shows the flow diagram of the method for identifying security vulnerabilities in email security systems.
  • FIG. 2 shows basic flow diagram of the method ending with different actions.
  • Figure 3 shows last scans and vulnerability trend interface.
  • Figure 4 shows plugin based quick scan summary interface.
  • Figure 5 shows plugin and category based result screen.
  • An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.
  • Email threat simulator offers regular testing and remediation services for testing, improving and taking additional measures of technological investments. Moreover, with simulation logic, ETS tests the attack vectors targeting the institutions through the email service and helps to take the necessary actions according to results.
  • ETS has two main components such as a cloud simulation server and an email service add-in.
  • the simulation server generates attack vectors and manages the simulation from beginning to end.
  • the email service add-in takes and reports notifications to the user and triggers email contents to test the email security systems in the environment.
  • Figure 1 and Figure 2 show flow diagram of the method for identifying security vulnerabilities in email security systems.
  • the basic process steps of the method are as follows:
  • attack types can be spam, phishing, ransomware, malicious code, browser exploit, malicious URL, malicious attachment, file format exploit, client-side attack, misconfig etc. as categorized in Figure 4.
  • active and passive security systems such as antispam, antivirus, data loss prevention (DLP), 0-day defense systems, security information and event management (SIEM), malware analysis, sandbox, anomaly detection, intrusion detection and prevention (IDS/IPS), endpoint protection etc. can be tested with directed attack vectors in ETS.
  • Security vulnerabilities and misconfigurations can be detected by using the following approaches:
  • a risk score is generated for available email security systems by comparing the number of successful attacks with the number of attack vectors and evaluating successful attack types.
  • Figure 3 shows the scores calculated according to the average of Phishing, Vulnerability, CTI (Cyber Threat Intelligence) scores, feedback of system administrators and third party methodologies.
  • ETS email service add-in contains all the details of the simulation results.
  • Figure 5 shows simulation results including successful attacks which are reported as‘failed’ and require immediate action.
  • ETS provides a list of remediation tasks necessary to remove vulnerability and auto-fix feature can automatically update the firewall, anti-spam and IPS.
  • ETS continues to generate attack simulations on a customisable schedule, and when new attack vectors are discovered, delivering a constant set of up-to-date results and providing useful guidance on additional measures of technological investment.
  • ETS For activating auto-fix feature, ETS establishes connections with security systems via access protocols (POP3, IMAC, etc.) and sends necessary commands with signatures, rules, configurations, algorithms, artificial intelligence approach etc.
  • Email service and security systems properties such as API, IP, Port, domain/hostname are defined to ETS cloud server.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention, email threat simulator (ETS), identifies security vulnerabilities in email servers and existing email protection mechanisms and automatically fix them to provide remediation services and regular testing of the technology environment. ETS is integrated with industry-leading lOCs and exploitation frameworks, as well as manual sources, to constantly maintain an up-to-date set of attack types. Using simulation logic, ETS generates an attack that sends more than 240 known and current attack vector types including ransomware, browser exploits, malicious code and attachments and file format exploits to the test mailbox and check their status. By this way, ETS allows to conduct real-world tests for cyber-security risks, instead of monitoring traffic between the server and client which is insufficient for antispam, antivirus and email services.

Description

AN EMAIL THREAT SIMULATOR FOR IDENTIFYING SECURITY VULNERABILITIES IN
EMAIL PROTECTION MECHANISMS
Technical Field
The present disclosure relates to an email threat simulator for identifying security vulnerabilities in email servers and existing email protection mechanisms and automatically fix them to provide remediation services and regular testing of technology environment.
Background
Systems require regular checks and maintenance to get protected against cyber threats those are blossoming with a startling pace. Common data breach exposures include personal information, such as credit card numbers, social security numbers and healthcare histories, as well as corporate information, such as customer lists, manufacturing processes and software source code. If anyone not specifically authorized to do so views such data, the organization charged with protecting that information is said to have suffered a data breach. If a data breach results in identity theft and/or a violation of government or industry compliance mandates, the offending organization may face fines or other civil litigation.
Attacks are now moving into business critical systems, which encrypt file servers or databases, inflicting more damage and commanding bigger ransom requests. Emails forming the main communication channel in most companies and organisations, therefore email data breaches are the main cause of critical data loss. Over 90% of successful data breaches are initiated by an email-based attack. These attacks cost businesses $3 trillion per year and drive considerable technological investments, such as firewalls and anti-spam, to provide protection. In fact, most of high level companies employ white hat hackers to constantly test their security systems and identify vulnerabilities.
The application numbered US20130232576A1 discloses a computer system security and more specifically to scalable cyber-threat detection systems and methods that systematically and automatically execute and monitor code within a secure isolated environment to automatically identify and filter out malicious code so that it is not executed on a live system. The system works on an isolated environment and does not let to maintain a‘real world’ testing and therefore tested environment will be interrupted until the end of the testing process.
Methods, network devices, and machine-readable media for an integrated environment for automated processing of reports of suspicious messages, and furthermore, to a network for distributing information about detected phishing attacks are stated in application no. US20160301705A1 . The system needs an identifier and user action to process incoming messages and report suspicious ones. It has no testing purpose of technology environment invested on security systems. Naturally, the system cannot give any feedback or report vulnerabilities on available protection mechanisms.
Summary
The present invention, email threat simulator (ETS), aims to identify security vulnerabilities in email servers and existing email protection mechanisms and automatically fix them to provide remediation services and regular testing of technology environment. ETS is integrated with industry-leading IOC (indicators of compromise) and exploitation frameworks, as well as manual sources, to constantly maintain an up-to-date set of attack types. Using simulation logic, ETS generates the attacks that sends more than 240 known and current attack vector types including ransomware, browser exploits, malicious code and attachments and file format exploits to the test mailbox and check their status. By this way, ETS allows to conduct real-world tests for cyber-security risks, instead of monitoring traffic between the server and client which is insufficient for antispam, antivirus and email services.
Unlike the other cyber threat simulation platforms, ETS has some unique methods:
ETS provides‘real world’ testing rather than testing active network devices by just moving traffic which is insufficient ETS includes integrated cyber intelligence services. Simple to configure and does not require any installation or complicated server-side setup unlike known vulnerability scanning services.
ETS tests missing/incorrect configuration options.
ETS includes integrated cyber intelligence engines. Thus, it allows a user to take action against the cyber-attacks and its outcomes, early by learning sensitive data belonging to the company (email address, password, domains similar to domain name, etc.) from leaked data and anonymous sources in dark/deep web.
ETS reports intrusions via domain squatting and ETS includes integrated cyber intelligence services. The reports will help you answer the following questions: How good is my current situation and or is it bad?
- What is the root cause of problems?
Do I use technological investments effectively enough?
- What are my configuration shortcomings, do I repeat my mistakes?
Brief Description of the Drawing
Figure 1 shows the flow diagram of the method for identifying security vulnerabilities in email security systems.
Figure 2 shows basic flow diagram of the method ending with different actions.
Figure 3 shows last scans and vulnerability trend interface.
Figure 4 shows plugin based quick scan summary interface.
Figure 5 shows plugin and category based result screen.
Detailed Description
An attack vector is a path or means by which a hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element. Email threat simulator (ETS) offers regular testing and remediation services for testing, improving and taking additional measures of technological investments. Moreover, with simulation logic, ETS tests the attack vectors targeting the institutions through the email service and helps to take the necessary actions according to results. ETS has two main components such as a cloud simulation server and an email service add-in. The simulation server generates attack vectors and manages the simulation from beginning to end. The email service add-in takes and reports notifications to the user and triggers email contents to test the email security systems in the environment.
Figure 1 and Figure 2 show flow diagram of the method for identifying security vulnerabilities in email security systems. The basic process steps of the method are as follows:
• generating attack vectors in a simulation server integrated with lOCs, exploitation frameworks, third-party services, vulnerability scanners and/or manual sources to maintain up-to-date set of attack types,
• directing attack vectors to technology environment to be tested through email services, • opening emails and their contents/enclosures via an email service add-in to test available security systems established to protect the technology environment,
• detecting vulnerabilities and misconfigurations in security systems by evaluating successful attacks and attack types,
• creating a list of remediation tasks to remove vulnerability and updating security systems against to successful attacks.
Abovementioned attack types can be spam, phishing, ransomware, malicious code, browser exploit, malicious URL, malicious attachment, file format exploit, client-side attack, misconfig etc. as categorized in Figure 4. Almost all active and passive security systems such as antispam, antivirus, data loss prevention (DLP), 0-day defense systems, security information and event management (SIEM), malware analysis, sandbox, anomaly detection, intrusion detection and prevention (IDS/IPS), endpoint protection etc. can be tested with directed attack vectors in ETS. Security vulnerabilities and misconfigurations can be detected by using the following approaches:
• sending emails to target email address from external network,
• sending emails to external test environment from the internal network,
• providing connections to email service and security systems,
• using threat intelligence networks.
In preferred embodiment, a risk score is generated for available email security systems by comparing the number of successful attacks with the number of attack vectors and evaluating successful attack types. Figure 3 shows the scores calculated according to the average of Phishing, Vulnerability, CTI (Cyber Threat Intelligence) scores, feedback of system administrators and third party methodologies.
In another embodiment, successful attacks, vulnerabilities, remediation tasks to remove vulnerabilities and updates performed on security systems are reported to authorised people in the tested environment. The report interface of ETS email service add-in contains all the details of the simulation results. Figure 5 shows simulation results including successful attacks which are reported as‘failed’ and require immediate action. ETS provides a list of remediation tasks necessary to remove vulnerability and auto-fix feature can automatically update the firewall, anti-spam and IPS. ETS continues to generate attack simulations on a customisable schedule, and when new attack vectors are discovered, delivering a constant set of up-to-date results and providing useful guidance on additional measures of technological investment. For activating auto-fix feature, ETS establishes connections with security systems via access protocols (POP3, IMAC, etc.) and sends necessary commands with signatures, rules, configurations, algorithms, artificial intelligence approach etc. Email service and security systems properties such as API, IP, Port, domain/hostname are defined to ETS cloud server. As a result, further attacks with the same attack type with successful ones can be detected, blocked and deleted.

Claims

1. A method for identifying security vulnerabilities in email security systems, comprising the steps of:
• generating attack vectors in a simulation server integrated with lOCs, exploitation frameworks, third-party services, vulnerability scanners and/or manual sources to maintain up-to-date set of attack types,
• directing attack vectors to the technology environment to be tested through email services,
• opening emails and their contents/enclosures via an email service add-in to test available security systems established to protect the technology environment,
• detecting vulnerabilities and misconfigurations in security systems by evaluating successful attacks and attack types,
• updating security systems against to successful attacks after creating a list of remediation tasks to remove vulnerabilities and misconfigurations.
2. The method according to claim 1 , wherein the attack types are spam, phishing, ransomware, malicious code, browser exploits, malicious URL, malicious attachment, file format exploit, client-side attack and misconfig.
3. The method according to claim 1 , wherein the security systems are antispam, antivirus, data loss prevention, defense systems, security information and event management, malware analysis, sandbox, anomaly detection, intrusion detection and prevention, and endpoint protection.
4. The method according to claim 1 , further comprising generating a risk score for available email security systems by comparing the number of successful attacks with the number of attack vectors and evaluating successful attack types.
5. The method according to claim 1 or 4, further comprising reporting successful attacks, vulnerabilities, remediation tasks to remove vulnerabilities and updates performed on security systems to authorised people in the tested environment.
6. The method according to claim 1 , further comprising generating attack simulations on a customisable schedule with newly discovered attack types.
7. The method according to claim 1 , wherein simulation server sends necessary commands with signatures, rules, configurations, algorithms, artificial intelligence approach for updating security systems against attack vectors.
8. The method according to claim 1 , wherein the vulnerabilities and misconfigurations are detected by:
• sending emails to target email address from the external network,
• sending emails to external test environment from the internal network,
• providing connections to email service and security systems,
• using threat intelligence networks.
PCT/TR2018/050512 2018-09-20 2018-09-20 An email threat simulator for identifying security vulnerabilities in email protection mechanisms WO2020060503A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/TR2018/050512 WO2020060503A1 (en) 2018-09-20 2018-09-20 An email threat simulator for identifying security vulnerabilities in email protection mechanisms

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/TR2018/050512 WO2020060503A1 (en) 2018-09-20 2018-09-20 An email threat simulator for identifying security vulnerabilities in email protection mechanisms

Publications (1)

Publication Number Publication Date
WO2020060503A1 true WO2020060503A1 (en) 2020-03-26

Family

ID=65365994

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/TR2018/050512 WO2020060503A1 (en) 2018-09-20 2018-09-20 An email threat simulator for identifying security vulnerabilities in email protection mechanisms

Country Status (1)

Country Link
WO (1) WO2020060503A1 (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112367337A (en) * 2020-11-26 2021-02-12 杭州安恒信息技术股份有限公司 Network security attack and defense method, device and medium
CN112733138A (en) * 2020-12-25 2021-04-30 北京中微云安信息科技有限公司 Audio-visual APP safety and business compliance automatic detection system, method and medium
US11412386B2 (en) 2020-12-30 2022-08-09 T-Mobile Usa, Inc. Cybersecurity system for inbound roaming in a wireless telecommunications network
US11431746B1 (en) 2021-01-21 2022-08-30 T-Mobile Usa, Inc. Cybersecurity system for common interface of service-based architecture of a wireless telecommunications network
US11546767B1 (en) 2021-01-21 2023-01-03 T-Mobile Usa, Inc. Cybersecurity system for edge protection of a wireless telecommunications network
US11641585B2 (en) 2020-12-30 2023-05-02 T-Mobile Usa, Inc. Cybersecurity system for outbound roaming in a wireless telecommunications network
US11683334B2 (en) 2020-12-30 2023-06-20 T-Mobile Usa, Inc. Cybersecurity system for services of interworking wireless telecommunications networks
CN116781434A (en) * 2023-08-25 2023-09-19 北京傲星科技有限公司 Access control method, system and related equipment based on mimicry defense
CN117134999A (en) * 2023-10-26 2023-11-28 四川万物纵横科技股份有限公司 Safety protection method of edge computing gateway, storage medium and gateway
WO2024063714A1 (en) 2022-09-23 2024-03-28 Binalyze Yazilim A.S. Method for measuring security operation center
CN117857209A (en) * 2024-01-30 2024-04-09 北京天空卫士网络安全技术有限公司 Mail security detection method, device and system
US12015630B1 (en) * 2020-04-08 2024-06-18 Wells Fargo Bank, N.A. Security model utilizing multi-channel data with vulnerability remediation circuitry

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130232576A1 (en) 2011-11-18 2013-09-05 Vinsula, Inc. Systems and methods for cyber-threat detection
US20130347116A1 (en) * 2012-06-26 2013-12-26 Zuclu Research, LLC Threat evaluation system and method
US20160301705A1 (en) 2015-04-10 2016-10-13 PhishMe, Inc. Suspicious message processing and incident response
US9473522B1 (en) * 2015-04-20 2016-10-18 SafeBreach Ltd. System and method for securing a computer system against malicious actions by utilizing virtualized elements

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20130232576A1 (en) 2011-11-18 2013-09-05 Vinsula, Inc. Systems and methods for cyber-threat detection
US20130347116A1 (en) * 2012-06-26 2013-12-26 Zuclu Research, LLC Threat evaluation system and method
US20160301705A1 (en) 2015-04-10 2016-10-13 PhishMe, Inc. Suspicious message processing and incident response
US9473522B1 (en) * 2015-04-20 2016-10-18 SafeBreach Ltd. System and method for securing a computer system against malicious actions by utilizing virtualized elements

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US12015630B1 (en) * 2020-04-08 2024-06-18 Wells Fargo Bank, N.A. Security model utilizing multi-channel data with vulnerability remediation circuitry
CN112367337A (en) * 2020-11-26 2021-02-12 杭州安恒信息技术股份有限公司 Network security attack and defense method, device and medium
CN112733138A (en) * 2020-12-25 2021-04-30 北京中微云安信息科技有限公司 Audio-visual APP safety and business compliance automatic detection system, method and medium
US11412386B2 (en) 2020-12-30 2022-08-09 T-Mobile Usa, Inc. Cybersecurity system for inbound roaming in a wireless telecommunications network
US12113825B2 (en) 2020-12-30 2024-10-08 T-Mobile Usa, Inc. Cybersecurity system for services of interworking wireless telecommunications networks
US11641585B2 (en) 2020-12-30 2023-05-02 T-Mobile Usa, Inc. Cybersecurity system for outbound roaming in a wireless telecommunications network
US11683334B2 (en) 2020-12-30 2023-06-20 T-Mobile Usa, Inc. Cybersecurity system for services of interworking wireless telecommunications networks
US11799897B2 (en) 2021-01-21 2023-10-24 T-Mobile Usa, Inc. Cybersecurity system for common interface of service-based architecture of a wireless telecommunications network
US11863990B2 (en) 2021-01-21 2024-01-02 T-Mobile Usa, Inc. Cybersecurity system for edge protection of a wireless telecommunications network
US11546767B1 (en) 2021-01-21 2023-01-03 T-Mobile Usa, Inc. Cybersecurity system for edge protection of a wireless telecommunications network
US11431746B1 (en) 2021-01-21 2022-08-30 T-Mobile Usa, Inc. Cybersecurity system for common interface of service-based architecture of a wireless telecommunications network
WO2024063714A1 (en) 2022-09-23 2024-03-28 Binalyze Yazilim A.S. Method for measuring security operation center
CN116781434A (en) * 2023-08-25 2023-09-19 北京傲星科技有限公司 Access control method, system and related equipment based on mimicry defense
CN116781434B (en) * 2023-08-25 2023-11-14 北京傲星科技有限公司 Access control method, system and related equipment based on mimicry defense
CN117134999A (en) * 2023-10-26 2023-11-28 四川万物纵横科技股份有限公司 Safety protection method of edge computing gateway, storage medium and gateway
CN117134999B (en) * 2023-10-26 2023-12-22 四川万物纵横科技股份有限公司 Safety protection method of edge computing gateway, storage medium and gateway
CN117857209A (en) * 2024-01-30 2024-04-09 北京天空卫士网络安全技术有限公司 Mail security detection method, device and system

Similar Documents

Publication Publication Date Title
WO2020060503A1 (en) An email threat simulator for identifying security vulnerabilities in email protection mechanisms
Thakur et al. Cyber security in social media: challenges and the way forward
Saxena et al. Cyber threat intelligence challenges: Leveraging blockchain intelligence with possible solution
Rani et al. Cyber security techniques, architectures, and design
Thakur Cyber security threats and countermeasures in digital age
Almadhoob et al. Cybercrime prevention in the Kingdom of Bahrain via IT security audit plans
Jaiswal CYBERCRIME CATEGORIES AND PREVENTION
Rawal et al. Cybersecurity and Identity Access Management
Purkait et al. Cyber Security and Frameworks: A Study of Cyber Attacks and Methods of Prevention of Cyber Attacks
Rawal et al. The basics of hacking and penetration testing
Jagannath et al. Browser‐in‐the‐middle attacks: A comprehensive analysis and countermeasures
Stoddart Gaining access: attack and defense methods and legacy systems
Patayo A Preventive and Detective Model for Phishing Attack in Small and Medium Size Businesses
Kujo Implementing Zero Trust Architecture for Identities and Endpoints with Microsoft tools
Asgarkhani et al. A strategic approach to managing security in SCADA systems
Särökaari Phishing attacks and mitigation tactics
Bendiab et al. IoT Security Frameworks and Countermeasures
Robles et al. Survey of non-malicious user actions that introduce network and system vulnerabilities and exploits
Khan et al. Work-from-home Security Issues and Risks over Internet
Mahanta et al. Social engineering attacks and countermeasures
Mihai MANAGEMENT OF ELEARNING PLATFORMS SECURITY.
Spanov et al. Identification of cybersecurity risks and threats to ensure the integrity of the financial sector
Hedemalm An empirical comparison of the market-leading IDS's
Mohamad Asri et al. A theoretical framework for the awareness of phishing attack
Al-Mohannadi Cyber Attack Modelling using Threat Intelligence. An investigation into the use of threat intelligence to model cyber-attacks based on elasticsearch and honeypot data analysis

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18845478

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18845478

Country of ref document: EP

Kind code of ref document: A1