Blog

The Latest from Fortify

Threat Feeds

CVE Feed


CERT Vulnerability Feed


CERT Insider Threat

Wrap Up of CERT Best Practices to Mitigate Insider Threats Series

We hope you enjoyed our 20-part blog series describing the best practices included in the Common Sense Guide to Mitigating ...

Employee Termination Procedure (Part 20 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 20th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

Blocking Data Exfiltration (Part 19 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 19th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

Implementing Secure Backup and Recovery Processes (Part 18 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 18th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

Institutionalizing System Change Controls (Part 17 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 17th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

Cloud Service Agreements (Part 16 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 16th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

Separation of Duties and Least Privilege (Part 15 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 15th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

Establishing Baseline Behaviors (Part 14 of 20: CERT Best Practices to Mitigate Insider Threats Series)

The 14th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice ...

ISC Bulletins

What is the State of Your Union?, (Fri, Sep 22nd)

Regularly the President of the United States delivers the State of the Union address. This practice "fulfills rules in Article ...

Malspam pushing Word documents with Hancitor malware, (Fri, Sep 22nd)

Introduction: I previously wrote a diary on Hancitor back in February 2017. Even though I haven't written a diary about ...

Emails threatening DDoS allegedly from Phantom Squad, (Thu, Sep 21st)

Introduction: As a follow-up to one of our June 2017 diaries asking people to forward us any DDoS threats, we ...

Email attachment using CVE-2017-8759 exploit targets Argentina, (Thu, Sep 21st)

Introduction: On 2017-09-12, FireEye published a blog post about a zero-day exploit utilizing CVE-2017-8759. The vulnerability was fixed that same ...

Ongoing Ykcol (Locky) campaign, (Wed, Sep 20th)

Today I noticed a high number of e-mails on my honeypots with a similar subject, body and attachment. It caught my attention ...

New tool: mac-robber.py, (Tue, Sep 19th)

On a recent forensic investigation where we couldn't take the Linux system down to image the disks, I was forced ...

SANS Securingthehuman posted a follow up to their Equifax breach webcast: https://securingthehuman.sans.org/blog/2017/09/15/equifax-webcast-follow-up, (Mon, Sep 18th)

--- Johannes B. Ullrich, Ph.D. , Dean of Research, SANS Technology Institute STI|Twitter| (c) SANS Internet Storm Center. https://isc.sans.edu Creative ...

CCleaner 5.33 compromised – http://www.piriform.com/news/release-announcements/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users, (Mon, Sep 18th)

Version 5.33 of CCleaner[1] has been reported as compromised (only the 32-bit version) and delivers malware during the installation ...