You’ve Been Attacked. Now What?
10/23/2015The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
Post a Comment
Author
Profile of Ryan Vela
Regional Director, Fidelis Cybersecurity News & Commentary Posts: 11Ryan Vela is a Regional Director for Fidelis Cybersecurity. He has 15-years' experience in conducting investigations and digital forensic analysis. Ryan served as a Strategic Planner at the Defense Computer Forensics Laboratory (DCFL), where he established plans for the laboratory to establish operational capabilities and achieve ISO accreditation. As an Investigative Lead, Ryan specializes in large-scale cyberbreach investigations, situational containment, digital forensics, network security, malware analysis, and security assessments, and has recently served as the lead investigator for one of the most current and largest breaches to date.
Articles by Ryan Vela
The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
Post a Comment
Breach Defense Playbook: Cybersecurity Governance
6/25/2015Time to leave the island: Integrate cybersecurity into your risk management strategy.
Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 2)
6/24/2015Will your incident response plan work when a real-world situation occurs?
Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 1)
6/23/2015Will your incident response plan work when a real-world situation occurs?
Post a Comment
Breach Defense Playbook: Open Source Intelligence
6/22/2015Do you know what information out there is putting you at risk?
Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 2)
6/18/2015Cybersecurity requires a combination of people, process, and technology in a coordinated implementation leveraging a defense-in-depth methodology.
Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 1)
6/17/2015How does your cybersecurity program compare to your industry peers?
Post a Comment
Breach Defense Playbook: Hunting For Breach Indicators
6/11/2015Do you proactively hunt for malware on your network, or do you wait for your tools to tell you?
Post a Comment
Breach Defense Playbook: Assessing Your Security Controls
6/10/2015Do you include physical security as part of your cybersecurity risk management plan?
Post a Comment
Breach Defense Playbook: Assessing Your Cybersecurity Engineering
6/9/2015Is your cybersecurity infrastructure robust enough to defend against future attacks?
Post a Comment
Breach Defense Playbook
4/16/2015How to be smart about defending against your next attack.
Post a Comment
White Papers
Video
1 Comments
Current Issue
5 Emerging Cyber Threats to Watch for in 2019Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
How Enterprises Are Developing Secure Applications
IT security and application development are disparate processes that are increasingly coming together. Here's a look at how that's happening.
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2019-11469
PUBLISHED: 2019-04-23
PUBLISHED: 2019-04-23
PUBLISHED: 2019-04-23
PUBLISHED: 2019-04-22
PUBLISHED: 2019-04-22
From DHS/US-CERT's National Vulnerability Database CVE-2019-11469
PUBLISHED: 2019-04-23
Zoho ManageEngine Applications Manager 12 through 14 allows FaultTemplateOptions.jsp resourceid SQL injection. Subsequently, an unauthenticated user can gain the authority of SYSTEM on the server by uploading a malicious file via the "Execute Program Action(s)" feature.
CVE-2013-7470PUBLISHED: 2019-04-23
cipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different vulnerability than CVE-2013-0310.
CVE-2019-11463PUBLISHED: 2019-04-23
A memory leak in archive_read_format_zip_cleanup in archive_read_support_format_zip.c in libarchive through 3.3.3 allows remote attackers to cause a denial of service via a crafted ZIP file because of a HAVE_LZMA_H typo.
CVE-2019-0218PUBLISHED: 2019-04-22
A vulnerability was discovered wherein a specially crafted URL could enable reflected XSS via JavaScript in the pony mail interface.
CVE-2019-11383PUBLISHED: 2019-04-22
An issue was discovered in the Medha WiFi FTP Server application 1.8.3 for Android. An attacker can read the username/password of a valid user via /data/data/com.medhaapps.wififtpserver/shared_prefs/com.medhaapps.wififtpserver_preferences.xml
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2019 UBM, All rights reserved
Tweet This