The Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework is a pilot programme of exercises that will mimic the Tactics, Techniques and Procedures (TTPs) of real-life adversaries, creating and utilising tools, and using techniques that may not have been anticipated and planned for. Also known as red team exercises, these help Financial Institutions(FI) stay competitive and secure by leveraging an unbiased view, and by third-party providers mimicking real-world Advanced Persistent Threats (APTs).
A new framework by the Council of Financial Regulators requires APRA-regulated financial institutions to attack themselves in a bid to uplift their cyber preparedness, as APRA orders urgent audits against CPS 234.
The #CORIE framework that has been launched will require banks, super funds and other financial institutions to organize independent red team attack simulations.
Congratulations to our Senior Consultant David Roccasalva, for his discovery and responsible disclosure of a MFA Authentication Bypass vulnerability on VMWare Horizon DaaS (9.x, 8.x and 7.x) for VMware earlier this year.
VMWare Horizon DaaS (Desktop as a Service) is a remote desktop and application service used by organisations for working remotely on applications, which is depended by many during the remote work situation as a result of COVID-19.