Cyber Hunting: 5 Tips To Bag Your Prey
3/26/2015Knowing the lay of the land and where attackers hide is a key element in hunting, both in nature and in the cyber realm.
Post a Comment
Author
Profile of David J. Bianco
Security Architect, Sqrrl Member Since: 3/24/2015Author
News & Commentary Posts: 1
Comments: 3
Before coming to work as a Security Architect and DFIR subject matter expert at Sqrrl, David led the hunt team at Mandiant, helping to develop and prototype innovative approaches to detect and respond to network attacks. Prior to that, he spent five years helping to build an intel-driven detection and response program for General Electric (GE-CIRT). He set detection strategies for a network of nearly 500 NSM sensors in over 160 countries and led response efforts for some of the company's the most critical incidents.
David stays active in the community, speaking and writing on the subjects of incident detection & response, threat intelligence and security analytics. He is also a member of the MLSec Project (http://www.mlsecproject.org). You can follow him on Twitter as @DavidJBianco or subscribe to his blog, "Enterprise Detection & Response" (http://detect-respond.blogspot.com).
Articles by David J. Bianco
Knowing the lay of the land and where attackers hide is a key element in hunting, both in nature and in the cyber realm.
Post a Comment
White Papers
Video
0 Comments
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Name that Toon: Risky Busine
Literalist at work, boss said do the job hanging from the ceiling.
{
You want anything else boss, Yes do the ...
Latest Comment: Name that Toon: Risky Busine
Literalist at work, boss said do the job hanging from the ceiling.
{
You want anything else boss, Yes do the ...
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-17141
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
PUBLISHED: 2018-09-21
From DHS/US-CERT's National Vulnerability Database CVE-2018-17141
PUBLISHED: 2018-09-21
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
CVE-2018-17173PUBLISHED: 2018-09-21
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
CVE-2018-17174PUBLISHED: 2018-09-21
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.
CVE-2018-16822PUBLISHED: 2018-09-21
SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter.
CVE-2018-16833PUBLISHED: 2018-09-21
Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This