Leveraging The Kill Chain For Awesome
12/2/2014There are good reasons the Kill Chain is being used by some of the most successful information security teams around. Here are three.
Post a Comment
Author
Profile of Sean Mason
VP, Incident Response, Resolution1 Security Member Since: 11/19/2014Author
News & Commentary Posts: 1
Comments: 3
Sean Mason is the Vice President of Incident Response for Resolution1 Security. After serving his commitment to the US Air Force, he has spent his career with Fortune 500 companies (GE, Monsanto, Harris & CSC) where he has worked in a variety of IT & industry verticals, including software development, auditing, information security, defense, aviation, finance, energy, biotechnology, and healthcare. He served as the Defense Industrial Base (DIB) representative for Harris from 2009 to 2011 and was the Director of Incident Response for GE for a number of years. Sean also serves as a Subject Matter Expert for ISC2, helping to design credentials' common body of knowledge and exam questions as well as sitting on the ISC2 Application Security Advisory Council (ASAC).
Articles by Sean Mason
There are good reasons the Kill Chain is being used by some of the most successful information security teams around. Here are three.
Post a Comment
White Papers
Video
4 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
10 Best Practices That Could Reshape Your IT Security DepartmentThis Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
How Enterprises Are Using IT Threat Intelligence
Large organizations are harnessing data about cyberattackers and their exploits to improve the safety of their critical data. Find out what they're doing.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-20127
PUBLISHED: 2018-12-13
PUBLISHED: 2018-12-13
PUBLISHED: 2018-12-13
PUBLISHED: 2018-12-12
PUBLISHED: 2018-12-12
From DHS/US-CERT's National Vulnerability Database CVE-2018-20127
PUBLISHED: 2018-12-13
An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers to delete arbitrary files via a mixed-case extension and an extra '.' character, because (for example) "php" is blocked but path=F:/1.phP. succeeds.
CVE-2018-20128PUBLISHED: 2018-12-13
An issue was discovered in UsualToolCMS v8.0. cmsadmin\a_sqlback.php allows remote attackers to delete arbitrary files via a backname[] directory-traversal pathname followed by a crafted substring.
CVE-2018-20129PUBLISHED: 2018-12-13
An issue was discovered in DedeCMS V5.7 SP2. uploads/include/dialog/select_images_post.php allows remote attackers to upload and execute arbitrary PHP code via a double extension and a modified ".php" substring, in conjunction with the image/jpeg content type, as demonstrated by the filena...
CVE-2018-6706PUBLISHED: 2018-12-12
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.
CVE-2018-6705PUBLISHED: 2018-12-12
Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This