Blog

The Latest from Fortify


Threat Feeds
CVE Feed
Loading...

CERT Vulnerability Feed
Loading...

CERT Insider Threat

Head in the Clouds

The transition from on-premises information systems to cloud services represents a significant, and sometimes uncomfortable, new way of working for ...
Read More

7 Considerations for Cyber Risk Management

Each year brings new cybersecurity threats, breaches, and previously unknown vulnerabilities in established systems. Even with unprecedented vulnerabilities such as ...
Read More

CERT Insider Threat Vulnerability Assessments, ITVA Training Course, and ITVA Certificate Program

The CERT National Insider Threat Center (NITC) has been researching insider threats since 2001. In this blog post, we provide ...
Read More

How to Get the Most Out of Penetration Testing

There are many reasons for an organization to perform a penetration test of its information systems: to meet compliance standards, ...
Read More

2017 U.S. State of Cybercrime Highlights

Each year, the CERT Division of the SEI collaborates with CSO Magazine to develop a U.S. State of Cybercrime report ...
Read More

Announcing Insider Threat Program Evaluator Training from the CERT National Insider Threat Center

The National Insider Threat Center (NITC) at the CERT Division of the SEI is developing an Insider Threat Program Evaluator ...
Read More

Governing the Internet of Things (IoT)

The Internet of Things (IoT) is proliferating exponentially, exposing organizations to an increased risk of IoT-targeted attacks, such as botnets ...
Read More

Mapping the Cyber Resilience Review to the Financial Sector’s Cybersecurity Assessment Tool

This post is also authored by Michael Rattigan and Robert A. Vrtis. In 2013 the White House directed the nation's ...
Read More
Loading...

ISC Bulletins

Finding VBA signatures in .docm files, (Sun, Feb 18th)

Last week I researched how to detect signed VBA code in Word .doc files. For .docm files, it's easier. .docx ...
Read More

Malware Delivered via Windows Installer Files, (Sat, Feb 17th)

For some days, I collected a few samples of malicious MSI files. MSI files are Windows installer files that users can ...
Read More

February 2018 Microsoft (and Adobe) Patch Tuesday , (Tue, Feb 13th)

I will update this diary as additional bulletins are released. Microsoft marked adobe's bulletin as "not yet exploited". However, according ...
Read More

Analyzing compressed shellcode, (Mon, Feb 12th)

I received a malicious RTF file with several stages (PowerShell commands), containing Gzip compressed shellcode. rtfdump shows the different elements ...
Read More

Finding VBA signatures in Word documents, (Sun, Feb 11th)

One of my former students contacted me after reading my last diary entry "An autograph from the Dridex gang" with ...
Read More

Increase in port 2580 probe sources, (Fri, Feb 9th)

Reviewing the dashboards at the ISC today revealed an anomaly on port 2580.  Over the last couple days the number of ...
Read More

An autograph from the Dridex gang, (Fri, Feb 9th)

Reader Wayne Smith submitted a PDF file attached to a malicious email. As happens often now, the PDF does not ...
Read More

SQL injection and division by zero exceptions, (Thu, Feb 8th)

SQL injections are my favorite vulnerabilities. Of course, every penetration tester loves them since they are (in most cases) critical, ...
Read More
Loading...