Blog

The Latest from Fortify


Threat Feeds
CVE Feed
Loading...

CERT Vulnerability Feed
Loading...

CERT Insider Threat

Insider Threats in Healthcare (Part 7 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Carrie Gardner. Next in the Insider Threats Across Industry Sectors series is Healthcare. As Healthcare-related ...
Read More

Top 5 Incident Management Issues

The CERT Division of the SEI has a history of helping organizations develop, improve, and assess their incident management functions ...
Read More

Insider Threats in Information Technology (Part 6 of 9: Insider Threats Across Industry Sectors)

This blog post was co-authored by Carrie Gardner. As Carrie Gardner wrote in the second blog post in this series, ...
Read More

Insider Threats in State and Local Government (Part 5 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Drew Walsh. Continuing our industry sector series, this blog post highlights insider threat trends in ...
Read More

Insider Threats in Finance and Insurance (Part 4 of 9: Insider Threats Across Industry Sectors)

This post was co-authored by Jonathan Trotman. In the previous post of our series analyzing and summarizing insider incidents across ...
Read More

Scoping IT & OT Together When Assessing an Organization’s Resilience

The SEI engages with many organizations of various sizes and industries about their resilience. Those responsible for their organization's cybersecurity ...
Read More

NIST NCCOE Release Cybersecurity Practice Guide, SP 1800-5, IT Asset Management: Financial Services

NIST NCCOE Releases Cybersecurity Practice Guide, SP 1800-5, IT Asset Management: Financial Services ...
Read More

Database of Software “Fingerprints” Expands to Include Computer Games

One of the largest software libraries in the world just grew larger ...
Read More
Loading...

ISC Bulletins

Simple Powershell Keyloggers are Back, (Thu, Feb 21st)

Powershell is a very nice language in Windows environments. With only a few lines of code, we can implement nice ...
Read More

More Russian language malspam pushing Shade (Troldesh) ransomware, (Wed, Feb 20th)

Introduction Russian language spam pushing Shade ransomware (also known as Troldesh ransomware) has remained active since my previous ISC diary ...
Read More

Identifying Files: Failure Happens, (Tue, Feb 19th)

I regularly post diary entries analyzing malware. And a couple of times, I posted diary entries of files that turned ...
Read More

Know What You Are Logging, (Mon, Feb 18th)

I helped out someone who was seeing entries in his log file he could not make sense of. He has ...
Read More

VMware Security Advisory Released: VMSA-2019-0001 https://www.vmware.com/security/advisories/VMSA-2019-0001.html, (Mon, Feb 18th)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License ...
Read More

Video: Finding Property Values in Office Documents, (Sun, Feb 17th)

As promised in yesterday's diary entry "Finding Property Values in Office Documents", I made a video illustrating 2 methods to ...
Read More

Finding Property Values in Office Documents, (Sat, Feb 16th)

In diary entry "Maldoc Analysis of the Weekend", I use the strings method explained in diary entry "Quickie: String Analysis ...
Read More

Old H-Worm Delivered Through GitHub, (Thu, Feb 14th)

Another piece of malicious code spotted on GitHub this time. By the way, this is the perfect example to demonstrate ...
Read More
Loading...

NIST IT News & Events
Error: View d54c485h5r may not exist