Advertise

Author

Profile of Chris Nutt

Director, Incident Response & Malware, Mandiant

Member Since: 7/15/2014
Author
News & Commentary Posts: 1
Comments: 1

Chris Nutt is the Director of Incident Response and Malware of Mandiant. He has nine years of experience in enterprise incident response, working with the federal government, defense industrial base, and Fortune 100 companies. He has extensive experience in incident response, computer forensics, and remediation planning. He has led high-visibility investigations into the theft of intellectual property as well as the theft of payment card industry information and regularly assists organizations in developing remediation strategies designed to remove sophisticated attackers from client networks. He teaches computer incident response to the public and private sectors and is responsible for development and delivery of technical content in the incident response training courses he teaches. In these courses, he instructs students how to collect and analyze information, and how to manage investigations. Prior to joining Mandiant, Chris conducted computer incident response for the US Marine Corps. During his time there, he advanced the Marine Corps incident response capability by developing processes and tools utilized during intrusion investigations across the worldwide deployment of Marine networks and communities of interest. In this capacity, he was the incident response duty expert and responsible for coordinating efforts with Joint Task Force Global Network Operations, service-level Computer Emergency Response Teams, and Naval Criminal Investigative Service. He has experience supervising and leading forensic analysts and incident responders, as well as software development teams.

Articles by Chris Nutt

View Content By Month

Payment Card Data Theft: Tips For Small Business

7/15/2014
For small businesses looking to reduce their exposure to data theft the good news is the advantage of being small.
Post a Comment

Content by Month
July 2014 - 1
[close this box]

Hot Topics

Editors' Choice

New Cold Boot Attack Gives Hackers the Keys to PCs, Macs

Kelly Sheridan, Staff Editor, Dark Reading, 9/13/2018

Yahoo Class-Action Suits Set for Settlement

Dark Reading Staff 9/17/2018

RDP Ports Prove Hot Commodities on the Dark Web

Kelly Sheridan, Staff Editor, Dark Reading, 9/17/2018

Live Events

Webinars

More UBM Tech
Live Events

Build Your Communications & Collaboration Future

Enterprise Connect Orlando 2019 Registration is Open!

White Papers

Build the Best IT Budget for 2019

Email Spoofing a Threat to the 2018 Midterm Elections

3 Steps to Securing Enterprise Data on Cloud Platforms

Understanding Cyber-Attacks

Cyber-Security Compliance: Guide to Data Protection Regulatory Compliance

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

How Data Breaches Affect the Enterprise

This report, offers new data on the frequency of data breaches, the losses they cause, and the steps that organizations are taking to prevent them in the future. Read the report today!

Download Now!

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

[Strategic Security Report] Cloud Security's Changing Landscape

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-17182
PUBLISHED: 2018-09-19

An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations...

CVE-2018-17144
PUBLISHED: 2018-09-19

Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.

CVE-2017-3912
PUBLISHED: 2018-09-18

Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.

CVE-2018-6690
PUBLISHED: 2018-09-18

Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.

CVE-2018-6693
PUBLISHED: 2018-09-18

An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escal...

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]