Blog

The Latest from Fortify


Threat Feeds
CVE Feed

CERT Vulnerability Feed

CERT Insider Threat

Keeping an Eye Out for Positive Risk

We commonly think about risks having negative consequences. With each month bringing new cybersecurity threats, breaches, and vulnerabilities, sound risk ...

High-Level Technique for Insider Threat Program’s Data Source Selection

This blog discusses an approach that the CERT Division's National Insider Threat Center developed to assist insider threat programs develop, ...

Windows Event Logging for Insider Threat Detection

In this post, I continue my discussion on potential low-cost solutions to mitigate insider threats for smaller organizations or new ...

The CERT Division’s National Insider Threat Center (NITC) Symposium

Addressing the Challenges of Maturing an Insider Threat (Risk) Program On May 10, 2019, the Software Engineering Institute's National Insider ...

A New Scientifically Supported Best Practice That Can Enhance Every Insider Threat Program!

(Or..."How This One Weird Thing Can Take Your Program to the Next Level!") The CERT National Insider Threat Center (NITC) ...

Are You Providing Cybersecurity Awareness, Training, or Education?

When I attend trainings, conferences, or briefings, I usually end up listening to someone reading slides about a problem. Rarely ...

Insider Threats in Entertainment (Part 8 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. The Entertainment Industry is the next spotlight blog in the Industry Sector series ...

Insider Threats in Healthcare (Part 7 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. Next in the Insider Threats Across Industry Sectors series is Healthcare. As Healthcare-related ...

ISC Bulletins

Malicious PHP Script Back on Stage?, (Thu, Jul 18th)

It’s amazing how we can find old scripts coming back to life for some obscure reasons. If today, Powershell or ...

The Other Side of Critical Control 1: 802.1x Wired Network Access Controls, (Thu, Jul 18th)

Today’s story is a short how-to on implementing 802.1x authentication for wired switch ports. In other words, workstations have to ...

Analyzis of DNS TXT Records, (Wed, Jul 17th)

At the Internet Storm Center, we already mentioned so many times that the domain name system is a goldmine for ...

Commando VM: The Complete Mandiant Offensive VM, (Tue, Jul 16th)

The good folks at Mandiant have created the Commando VM, a fully customized, Windows-based security distribution for penetration testing and ...

isodump.py and Malicious ISO Files, (Mon, Jul 15th)

Inspired by my diary entry "Malicious .iso Attachments", @Evild3ad79 created a tool, isodump.py, to help with the analysis of ISO ...

Guidance to Protect DNS Against Hijacking & Scanning for Version.BIND Still a Thing, (Sat, Jul 13th)

This type of scanning looking for vulnerable BIND server is nothing new and has been ongoing for pretty much the ...

Russian Dolls Malicious Script Delivering Ursnif, (Thu, Jul 11th)

As a result of my hunting jobs, I found an interesting piece of obfuscated script. This one looks really like ...

Remembering Mike Assante, (Thu, Jul 11th)

In 2016 and 2017 I had the honor to present at RSA next to Mike Assante. I know him as ...