HackDig : Dig high-quality web security articles for hacker

Basic Security Tools You Cannot Afford to Miss in Your Risk Management Program

Risk management is the process of identifying, assessing and controlling threats to an organization. It is also a way to increase the security maturity of an organization. Risk management allows you to think about security more strategically and answer the questions that come from your company board, such as: How many times was the organization attacked? Is
Publish At:2017-10-03 08:40 | Read:4241 | Comments:0 | Tags:CISO Incident Response Risk Management Incident Management I

[SANS ISC] Investigating Security Incidents with Passive DNS

I published the following diary on isc.sans.org: “Investigating Security Incidents with Passive DNS“. Sometimes when you need to investigate a security incident or to check for suspicious activity, you become frustrated because the online resource that you’re trying to reach has already been cleaned. We cannot blame system administrators and webm
Publish At:2017-10-02 23:20 | Read:4213 | Comments:0 | Tags:Incident Management SANS Internet Storm Center Security Pass

FIRST TC Amsterdam 2017 Wrap-Up

Here is my quick wrap-up of the FIRST Technical Colloquium hosted by Cisco in Amsterdam. This is my first participation to a FIRST event. FIRST is an organization helping in incident response as stated on their website: FIRST is a premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to mo
Publish At:2017-04-26 15:50 | Read:3133 | Comments:0 | Tags:Event Incident Management Security Amsterdan FIRST Incident

Before, During and After: Dealing With Attacks and Applying Effective Incident Management

A recent IBM and Ponemon Institute survey including more than 2,400 security professionals worldwide turned up some astounding findings. More than half (53 percent) of respondents said they had suffered at least one data breach in the past two years. Nearly three quarters (74 percent) held that they had faced threats from human error in the past year. Howeve
Publish At:2017-02-15 22:35 | Read:3692 | Comments:0 | Tags:Data Protection Risk Management C-Suite IBM X-Force Incident

The “Why’s” and “How’s” of an Incident Management Call

Recently, I had a meeting with a potential customer who was looking to invest in Tripwire’s portfolio. We got to talking about various aspects of information security – in particular, when companies react and investigate potential security breaches.The conversation took me back to when I worked in information security as a technical security manager.Wh
Publish At:2016-09-07 14:10 | Read:3411 | Comments:0 | Tags:Featured Articles Incident Detection breach COCR Incident Ma

Email Tracking for Dummies

[The post Email Tracking for Dummies has been first published on /dev/random]   Recently, I was involved in an incident handling mission to find how some confidential emails were being tracked. Let’s imagine a first scenario: Alice sends a mail to Bob. Bob reads Alice’s email and Alice gets notified. Nothing special, this is a standard feature offered b
Publish At:2015-12-08 02:25 | Read:5341 | Comments:0 | Tags:Forensics Incident Management Security Software IH Incident

Microsoft Reissues Security Update Due to Outlook Crash

Microsoft has reissued one of the security patches released on Tuesday as part of its monthly update cycle after many customers complained that it caused the Outlook email client to crash.Windows users complained on Microsoft’s support forums and elsewhere that Outlook 2010 and 2013 had been crashing when viewing HTML emails. Experts determined that the culp
Publish At:2015-11-12 15:55 | Read:3323 | Comments:0 | Tags:NEWS & INDUSTRY Incident Management

German Secret Service 'Systematically Spied' on Allies: Report

Germany's secret service "systematically spied" on its allies and various international organizations such as the Red Cross, Der Spiegel magazine reported on Saturday.The German intelligence agency BND has already been accused of eavesdropping on officials at the French foreign ministry and presidency, as well as the European Commission, on behalf of its US
Publish At:2015-11-07 09:55 | Read:2293 | Comments:0 | Tags:NEWS & INDUSTRY Incident Management

Symantec Launches Tailored Threat Intelligence Service

Just one week after introducing a new Advanced Threat Protection (ATP) solution, Symantec this week detailed Directed Threat Research, a new DeepSight Intelligence add-on service available for Advanced Enterprise subscribers looking for access to customized cyber threat intelligence.With the help of DeepSight Intelligence services, companies can receive data
Publish At:2015-11-05 03:55 | Read:3192 | Comments:0 | Tags:NEWS & INDUSTRY Incident Management

Malware Served via Anti-Adblocking Service PageFair

Hackers breached the systems of anti-adblocking solutions provider PageFair and used the access to deliver malware via the publishers that rely on the company’s services.PageFair helps web publishers measure and recover revenue lost due to ad blockers, which have become increasingly problematic for the advertising industry. The company says it serves more th
Publish At:2015-11-03 15:55 | Read:3435 | Comments:0 | Tags:Cyberwarfare Desktop Security Disaster Recovery Mobile Secur

Active Threat Analytics: Easing the Burden of Threat Management

In Greek mythology, Sisyphus was a trickster king cursed with the eternal torment of fruitless labor. As punishment for his hubris and wile, Zeus condemned this hapless figure to the unending task of pushing a boulder up a mountain. Once he reached the top, the boulder would fall back down. And he would begin again. And again. Every day. Forever.I suspect th
Publish At:2015-10-26 13:30 | Read:6274 | Comments:0 | Tags:Security Active Threat Analytics ATA Big Data full packet ca

Uber Slip Exposes Data of Some US Drivers

Uber on Wednesday confirmed that a software slip briefly exposed personal data of hundreds of US drivers. The controversial ride-sharing company said that it stomped out the bug within a half-hour of getting word of the problem from a driver on Tuesday. "We were notified about a bug impacting a fraction of our US drivers," an Uber spokesperson said in an em
Publish At:2015-10-15 03:40 | Read:3427 | Comments:0 | Tags:NEWS & INDUSTRY Incident Management Data Protection

Experian Hack Exposes Data of 15 Million T-Mobile Consumers

Experian on Thursday announced that a server containing information on T-Mobile customers was compromised, and that information of roughly 15 million individuals has been exposed. Experian processes credit applications on behalf of T-Mobile, and hackers managed to gain access to personally identifiable information of carrier’s customers, including new applic
Publish At:2015-10-02 20:35 | Read:3301 | Comments:0 | Tags:NEWS & INDUSTRY Incident Management

T-Mobile 'Incredibly Angry' Over Breach via Credit Bureau

T-Mobile's chief executive has expressed outrage over a breach at a credit monitoring service that exposed private data from 15 million customers of the mobile carrier. CEO John Legere's comments came after T-Mobile learned of the hack at Experian, a service used to evaluate applications from potential customers. T-Mobile said the breach exposed the names,
Publish At:2015-10-02 20:35 | Read:1873 | Comments:0 | Tags:NEWS & INDUSTRY Incident Management

Hack May Have Hit 4.6 Million Online Brokerage Customers

US online brokerage firm Scottrade said Friday it was notifying some 4.6 million customers about a hack into its database which could have leaked private information. Scottrade said in a statement it was notified of the incident by US federal officials who "recently informed us that they've been investigating cybersecurity crimes involving the theft of infor
Publish At:2015-10-02 20:35 | Read:2158 | Comments:0 | Tags:INDUSTRY INSIGHTS Incident Management


Share high-quality web security related articles with you:)


Tag Cloud