HackDig : Dig high-quality web security articles for hacker

SANS 2019 Incident Response Survey: Successful IR Relies on Visibility

During the past year, we have witnessed significant data breaches that have impacted industries ranging from hospitality to legal to social media. We have seen a continuation of financially motivated threats, such as business email compromise (BEC), which continue to plague corporate bank accounts. Ransomware has brought multiple cities, schools and universi
Publish At:2020-02-26 02:05 | Read:302 | Comments:0 | Tags:Featured Articles Incident Detection BEC containment detecti

How to Get Started in Digital Forensics

If you want to become a digital forensic expert, be aware that when entering the field, you will be presented with an abundance of information that you will not know. It is a wonderfully challenging career path. Some believe that having the title of a cybersecurity professional (e.g. digital forensics expert, cybersecurity analyst, incident response commande
Publish At:2020-02-24 01:53 | Read:254 | Comments:0 | Tags:Featured Articles Incident Detection breach Digital Forensic

Crisis Management Automation for the Entire Organization with Dispatch – BSidesSF Preview

Managing security incidents can be a stressful job. You are dealing with many questions all at once. What’s the scope? Who do I need to engage? How do I manage all of this? As an Incident Commander (IC), you have many responsibilities. You’re responsible for driving an incident to resolution as quickly as possible, creating the resources necessary to document
Publish At:2020-02-17 02:00 | Read:315 | Comments:0 | Tags:Incident Detection BsidesSF

Change Is Inevitable: Tripwire File Analyzer

One of the only things that is constant in life is change. It’s the same with cybersecurity. There are different types of changes to consider: changes that we accept, changes that are good and changes that are bad. A lot of changes in our everyday life are out of our control. It can be hard to discover, monitor and even react to change. However, when it comes to chang
Publish At:2020-02-09 10:21 | Read:199 | Comments:0 | Tags:Incident Detection File Analyzer FIM SCM

FIM: A Proactive and Reactive Defense against Security Breaches

No matter how well-designed it is, a security program will never prevent every digital attack. But an assault need not escalate into a data breach. Organizations can reduce the likelihood of a major incident by investing in key security controls. One such fundamental security component is FIM. Short for “file integrity monitoring”, FIM helps organ
Publish At:2017-03-10 11:25 | Read:3729 | Comments:0 | Tags:Featured Articles Incident Detection breach Change FIM

Reacting Properly to Security Incidents or Downtime

Preparing for challenges associated with any technology central to your workflow is an important part of a comprehensive security and risk management strategy for organizations concerned with the integrity of their system. Inevitably, regardless of the steps you take to prevent problems associated with things like viruses, hardware failures, data breaches, an
Publish At:2016-11-16 02:00 | Read:4309 | Comments:0 | Tags:Featured Articles Incident Detection incident response secur

Data Breach Overconfidence Strikes Again, This Time in the Energy Sector

In its 2016 Breach Detection Study, Tripwire evaluated the confidence and efficacy of 763 information security professionals in implementing seven key security controls: PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53, CIS Top 20 and IRS 1075. Those resources, which align with the United States Computer Emergency Readiness Team (US-CERT) recommendations and inte
Publish At:2016-09-20 12:40 | Read:3846 | Comments:0 | Tags:Featured Articles Incident Detection configuration data brea

The “Why’s” and “How’s” of an Incident Management Call

Recently, I had a meeting with a potential customer who was looking to invest in Tripwire’s portfolio. We got to talking about various aspects of information security – in particular, when companies react and investigate potential security breaches. The conversation took me back to when I worked in information security as a technical security manager. Wh
Publish At:2016-09-07 14:10 | Read:3658 | Comments:0 | Tags:Featured Articles Incident Detection breach COCR Incident Ma

Advanced Malware Detection and Response Begins at the Endpoint

It’s no secret the security community is witnessing a boom in sophisticated techniques and attack campaigns. Some of the most advanced threats circulating in the wild today leverage polymorphic malware that changes its form based upon the environment in which it activates. As a result, signature-based detection solutions have a difficult time detecting
Publish At:2016-08-29 10:50 | Read:3355 | Comments:0 | Tags:Incident Detection digital threats EDR endpoint log manageme

Attackers Launched 124,000 DDoS Events Per Week Over Past 18 Months, Finds Report

In June 2016, researchers at Sucuri Security tracked a distributed denial-of-service (DDoS) attack against one of its customers. The campaign consisted of a layer 7 attack (HTTP Flood) that generated 50,000 requests per second (RPS) for several days. Such intensity is not by itself unusual. What made this campaign stand out, however, was the attackers’ use
Publish At:2016-07-25 09:40 | Read:2803 | Comments:0 | Tags:Featured Articles Incident Detection DDoS Infosec security D

FIM Hunting: How To Kill and Remove Unwanted Files

Organizations have a deep interest in detecting and preventing threats within their environments. From firewalls to file integrity monitors, there are many opportunities to catch and stop attackers in their tracks. A basic workflow for IT security revolves around prevention, detection and remediation. As a researcher in Tripwire’s Security and Compliance Sol
Publish At:2015-12-29 13:20 | Read:3186 | Comments:0 | Tags:Featured Articles File Integrity Monitoring Incident Detecti

Defensibility: Moving from Defensible to Defended

Defensible and defended are not the same thing. There are characteristics of an environment that make it more or less defensible. While IT and OT environments both have some mixed results, in general, OT environments are more defensible than IT environments. My hypothesis, as a reminder, is that a more defensible network is one in which currently unknown att
Publish At:2015-10-19 20:30 | Read:5294 | Comments:0 | Tags:Featured Articles Incident Detection architecture defensibil

Defensibility: Comparing OT and IT Environments

“ICS networks have a lot of considerations. Policies and processes can hamper success. But they are far more defensible than IT networks.” — Robert M. Lee (@RobertMLee) September 15, 2015. Sometimes a tweet can catch your attention in interesting ways. Robert’s use of the term ‘defensible’ to describe ICS networks got me thinking about what make
Publish At:2015-09-18 07:20 | Read:3506 | Comments:0 | Tags:Featured Articles Incident Detection defensibility EnergySec

4 Elements of a Stealthy Sandbox

Sandboxes (or automated, dynamic malware analysis systems) are one of the most advanced threat detection tools available to security professionals, and are quickly being adopted by forward-thinking enterprise and mid-market organizations globally. These systems use behavioral analysis methods to monitor unknown malware programs in a simulated environment for
Publish At:2015-04-08 08:35 | Read:2818 | Comments:0 | Tags:Featured Articles Incident Detection Lastline malware Sandbo

Chipotle Website & Twitter Account Hacked

Chipotle’s website and official Twitter account were compromised late Saturday evening and into Sunday morning. The website was redirected on Saturday around 6PM (PST) to Chipotle’s official Twitter account @chipotletweets and was then unresponsive. The Chipotle domain’s technical and administrative contacts for the domain have been updated
Publish At:2015-02-08 09:10 | Read:3063 | Comments:0 | Tags:Incident Detection Latest Security News
