Blog

The Latest from Fortify


Threat Feeds
CVE Feed
Loading...

CERT Vulnerability Feed
Loading...

CERT Insider Threat

The CERT Division’s National Insider Threat Center (NITC) Symposium

Addressing the Challenges of Maturing an Insider Threat (Risk) Program On May 10, 2019, the Software Engineering Institute's National Insider ...
Read More

A New Scientifically Supported Best Practice That Can Enhance Every Insider Threat Program!

(Or..."How This One Weird Thing Can Take Your Program to the Next Level!") The CERT National Insider Threat Center (NITC) ...
Read More

Are You Providing Cybersecurity Awareness, Training, or Education?

When I attend trainings, conferences, or briefings, I usually end up listening to someone reading slides about a problem. Rarely ...
Read More

Insider Threats in Entertainment (Part 8 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. The Entertainment Industry is the next spotlight blog in the Industry Sector series ...
Read More

Insider Threats in Healthcare (Part 7 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. Next in the Insider Threats Across Industry Sectors series is Healthcare. As Healthcare-related ...
Read More

Top 5 Incident Management Issues

The CERT Division of the SEI has a history of helping organizations develop, improve, and assess their incident management functions ...
Read More

Insider Threats in Information Technology (Part 6 of 9: Insider Threats Across Industry Sectors)

This blog post was co-authored by Carrie Gardner. As Carrie Gardner wrote in the second blog post in this series, ...
Read More

Insider Threats in State and Local Government (Part 5 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Drew Walsh. Continuing our industry sector series, this blog post highlights insider threat trends in ...
Read More
Loading...

ISC Bulletins

Finding Local Administrators on a Domain Member Stations, (Wed, Apr 24th)

Now that we've got a list of domain admins ( https://isc.sans.edu/forums/diary/Where+have+all+the+Domain+Admins+gone+Rooting+out+Unwanted+Domain+Administrators/24874 ), lets find all the accounts that have local ...
Read More

Where have all the Domain Admins gone? Rooting out Unwanted Domain Administrators, (Wed, Apr 24th)

Ever been in an internal security assessment or penetration test, and need to list all domain admins? First of all, ...
Read More

Malicious VBA Office Document Without Source Code, (Tue, Apr 23rd)

A couple of years ago, we posted diary entry "VBA and P-code": we featured a VBA P-code disassembler developed by ...
Read More

.rar Files and ACE Exploit CVE-2018-20250, (Mon, Apr 22nd)

Reader Carlos submitted an email with attached RAR file. In the past, when you received a RAR file as attachment ...
Read More

Analyzing UDF Files with Python, (Fri, Apr 19th)

Yesterday, Xavier wrote a diary entry about malicious UDF files. I wrote about the analysis of .ISO files before, and ...
Read More

Malware Sample Delivered Through UDF Image, (Wed, Apr 17th)

I found an interesting phishing email which was delivered with a malicious attachment: an UDF image (.img). UDF means “Universal Disk ...
Read More

A few Ghidra tips for IDA users, part 2 – strings and parameters, (Wed, Apr 17th)

Continuing with my preliminary exploration of Ghidra. If we continue with the call to RegOpenKeyExA from last time (yes, I ...
Read More

Odd DNS Requests that are Normal, (Tue, Apr 16th)

If you ever heard me talk about DNS, you will know that I am a big fan of monitoring DNS ...
Read More
Loading...

NIST IT News & Events
Error: View d54c485h5r may not exist