You’ve Been Attacked. Now What?
10/23/2015The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
Post a Comment
Author
Profile of Ryan Vela
Regional Director, Fidelis Cybersecurity News & Commentary Posts: 11Ryan Vela is a Regional Director for Fidelis Cybersecurity. He has 15-years' experience in conducting investigations and digital forensic analysis. Ryan served as a Strategic Planner at the Defense Computer Forensics Laboratory (DCFL), where he established plans for the laboratory to establish operational capabilities and achieve ISO accreditation. As an Investigative Lead, Ryan specializes in large-scale cyberbreach investigations, situational containment, digital forensics, network security, malware analysis, and security assessments, and has recently served as the lead investigator for one of the most current and largest breaches to date.
Articles by Ryan Vela
The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
Post a Comment
Breach Defense Playbook: Cybersecurity Governance
6/25/2015Time to leave the island: Integrate cybersecurity into your risk management strategy.
Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 2)
6/24/2015Will your incident response plan work when a real-world situation occurs?
Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 1)
6/23/2015Will your incident response plan work when a real-world situation occurs?
Post a Comment
Breach Defense Playbook: Open Source Intelligence
6/22/2015Do you know what information out there is putting you at risk?
Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 2)
6/18/2015Cybersecurity requires a combination of people, process, and technology in a coordinated implementation leveraging a defense-in-depth methodology.
Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 1)
6/17/2015How does your cybersecurity program compare to your industry peers?
Post a Comment
Breach Defense Playbook: Hunting For Breach Indicators
6/11/2015Do you proactively hunt for malware on your network, or do you wait for your tools to tell you?
Post a Comment
Breach Defense Playbook: Assessing Your Security Controls
6/10/2015Do you include physical security as part of your cybersecurity risk management plan?
Post a Comment
Breach Defense Playbook: Assessing Your Cybersecurity Engineering
6/9/2015Is your cybersecurity infrastructure robust enough to defend against future attacks?
Post a Comment
Breach Defense Playbook
4/16/2015How to be smart about defending against your next attack.
Post a Comment
White Papers
Video
0 Comments
Current Issue
Flash Poll
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-10839
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
PUBLISHED: 2018-10-16
From DHS/US-CERT's National Vulnerability Database CVE-2018-10839
PUBLISHED: 2018-10-16
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS.
CVE-2018-13399PUBLISHED: 2018-10-16
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2018-18381PUBLISHED: 2018-10-16
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
CVE-2018-18382PUBLISHED: 2018-10-16
Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" (aka user/edit-profile) action.
CVE-2018-18374PUBLISHED: 2018-10-16
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This