Blog

The Latest from Fortify


Threat Feeds

CERT Insider Threat

Insider Threats in Finance and Insurance (Part 4 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Jonathan Trotman. In the previous post of our series analyzing and summarizing insider incidents across ...

Scoping IT & OT Together When Assessing an Organization’s Resilience

The SEI engages with many organizations of various sizes and industries about their resilience. Those responsible for their organization's cybersecurity ...

Performing Text Analytics for Insider Threat Programs: Part 3 of 3

This blog series reviews topics in performing text analytics to support insider threat mitigation. This post presents a procedural framework ...

Insider Threats in the Federal Government (Part 3 of 9: Insider Threats Across Industry Sectors)

The CERT National Insider Threat Center (NITC) Insider Threat Incident Corpus contains over 2,000 incidents, which, as Director Randy Trzeciak ...

Classifying Industry Sectors: Our New Approach to an Industry Sector Taxonomy (Part 2 of 9: Insider Threats Across Industry Sectors)

As Randy Trzeciak mentioned in the first blog in this series, we are often asked about the commonalities of insider ...

Is Compliance Compromising Your Information Security Culture?

Individual organizations spend millions per year complying with information security mandates, which tend to be either too general or too ...

Insider Threat Incident Analysis by Sector (Part 1 of 9)

Hello, I am Randy Trzeciak, Director of the CERT National Insider Threat Center (NITC). I would like to welcome you ...

How CERT-RMM and NIST Security Controls Help Protect Data Privacy and Enable GDPR Compliance, Part 1: Identifying Personally Identifiable Information

The costs of the steady stream of data breaches and attacks on sensitive and confidential data continue to rise. Organizations ...

ISC Bulletins

Arrest of Huawei CFO Inspires Advanced Fee Scam, (Sun, Dec 9th)

Last week, the arrest of MENG Wanzou made big waves in the news. Ms. Meng was arrested in Canada based ...

Quickie: String Analysis is Still Useful, (Sun, Dec 9th)

String analysis: extracting and analyzing strings from binary files (like executables) to assist with reverse engineering. It's a simple method, ...

Reader Submission: MHT File Inside a ZIP File, (Sat, Dec 8th)

Reader Jason submitted a ZIP file received via email. It contains an MHT file, and when Jason received it, it ...

A Dive into malicious Docker Containers, (Fri, Dec 7th)

Last few days we're seeing increased attacks from 192.99.142.246, which is trying to exploit open Docker instances (port 2375). The container (being named java123) ...

Is it Time to Update Flash? (If you haven't already), (Thu, Dec 6th)

If you haven't uninstalled Flash yet, maybe today should be that day. The update posted yesterday has a remote code ...

Data Exfiltration in Penetration Tests, (Tue, Nov 27th)

In many penetration tests, there'll be a point where you need to exfiltrate some data. Sometimes this is a situation ...

Campaign evolution: Hancitor changes its Word macros, (Wed, Dec 5th)

Introduction: Today's diary reviews trends in recent malicious spam (malspam) pushing Hancitor. Background: Malspam pushing Hancitor (also known as Chanitor ...

Malspam pushing Lokibot malware, (Tue, Dec 4th)

Introduction: I've frequently seen malicious spam pushing Lokibot (also spelled "Loki-Bot") since 2017. This year, I've written diaries about it ...