Blog

The Latest from Fortify


Threat Feeds
CVE Feed

CERT Vulnerability Feed

CERT Insider Threat

High-Level Technique for Insider Threat Program’s Data Source Selection

This blog discusses an approach that the CERT Division's National Insider Threat Center developed to assist insider threat programs develop, ...

Windows Event Logging for Insider Threat Detection

In this post, I continue my discussion on potential low-cost solutions to mitigate insider threats for smaller organizations or new ...

The CERT Division’s National Insider Threat Center (NITC) Symposium

Addressing the Challenges of Maturing an Insider Threat (Risk) Program On May 10, 2019, the Software Engineering Institute's National Insider ...

A New Scientifically Supported Best Practice That Can Enhance Every Insider Threat Program!

(Or..."How This One Weird Thing Can Take Your Program to the Next Level!") The CERT National Insider Threat Center (NITC) ...

Are You Providing Cybersecurity Awareness, Training, or Education?

When I attend trainings, conferences, or briefings, I usually end up listening to someone reading slides about a problem. Rarely ...

Insider Threats in Entertainment (Part 8 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. The Entertainment Industry is the next spotlight blog in the Industry Sector series ...

Insider Threats in Healthcare (Part 7 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. Next in the Insider Threats Across Industry Sectors series is Healthcare. As Healthcare-related ...

Top 5 Incident Management Issues

The CERT Division of the SEI has a history of helping organizations develop, improve, and assess their incident management functions ...

ISC Bulletins

Using a Travel Packing App for Infosec Purpose, (Thu, Jun 20th)

My today's diary will not be technical but could help you to better organize your next travel. This week, like many SANS ISC ...

Quick Detect: Exim "Return of the Wizard" Attack, (Wed, Jun 19th)

Thanks to our reader Alex for sharing some of his mail logs with the latest attempts to exploit CVE-2019-10149 (aka ...

Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729, (Wed, Jun 19th)

Oracle today released an out-of-band security update for WebLogic, patching yet another XMLDecoder deserialization vulnerability for WebLogic. The flaw is ...

What You Need To Know About TCP "SACK Panic", (Tue, Jun 18th)

Netflix discovered several vulnerabilities in how Linux (and in some cases FreeBSD) are processing the "Selective TCP Acknowledgment (SACK)" option [1] ...

Malspam with password-protected Word docs pushing Dridex, (Tue, Jun 18th)

Introduction Today's diary reviews a Dridex infection caused by a password-protected Word document that was attached to malicious spam (spam) ...

An infection from Rig exploit kit, (Mon, Jun 17th)

Introduction Rig exploit kit (EK) is one of a handful of EKs still active as noted in this May 2019 ...

Sysmon Version 10: DNS Logging, (Sun, Jun 16th)

Sysmon Version 10.0 brings DNS query logging. By default, DNS query logging is not enabled. You need to provide a ...

A few Ghidra tips for IDA users, part 4 – function call graphs, (Fri, Jun 14th)

One of the features of IDA that we use in FOR610 that can be helpful for detecting malicious patterns of ...