You’ve Been Attacked. Now What?
10/23/2015The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
Post a Comment
Author
Profile of Ryan Vela
Regional Director, Fidelis Cybersecurity News & Commentary Posts: 11Ryan Vela is a Regional Director for Fidelis Cybersecurity. He has 15-years' experience in conducting investigations and digital forensic analysis. Ryan served as a Strategic Planner at the Defense Computer Forensics Laboratory (DCFL), where he established plans for the laboratory to establish operational capabilities and achieve ISO accreditation. As an Investigative Lead, Ryan specializes in large-scale cyberbreach investigations, situational containment, digital forensics, network security, malware analysis, and security assessments, and has recently served as the lead investigator for one of the most current and largest breaches to date.
Articles by Ryan Vela
The five steps you take in the first 48 hours after a breach will go a long way towards minimizing your organization’s exposure and liability.
Post a Comment
Breach Defense Playbook: Cybersecurity Governance
6/25/2015Time to leave the island: Integrate cybersecurity into your risk management strategy.
Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 2)
6/24/2015Will your incident response plan work when a real-world situation occurs?
Post a Comment
Breach Defense Playbook: Incident Response Readiness (Part 1)
6/23/2015Will your incident response plan work when a real-world situation occurs?
Post a Comment
Breach Defense Playbook: Open Source Intelligence
6/22/2015Do you know what information out there is putting you at risk?
Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 2)
6/18/2015Cybersecurity requires a combination of people, process, and technology in a coordinated implementation leveraging a defense-in-depth methodology.
Post a Comment
Breach Defense Playbook: Reviewing Your Cybersecurity Program (Part 1)
6/17/2015How does your cybersecurity program compare to your industry peers?
Post a Comment
Breach Defense Playbook: Hunting For Breach Indicators
6/11/2015Do you proactively hunt for malware on your network, or do you wait for your tools to tell you?
Post a Comment
Breach Defense Playbook: Assessing Your Security Controls
6/10/2015Do you include physical security as part of your cybersecurity risk management plan?
Post a Comment
Breach Defense Playbook: Assessing Your Cybersecurity Engineering
6/9/2015Is your cybersecurity infrastructure robust enough to defend against future attacks?
Post a Comment
Breach Defense Playbook
4/16/2015How to be smart about defending against your next attack.
Post a Comment
White Papers
Video
1 Comments
Current Issue
Flash Poll
The State of IT and Cybersecurity
IT and security are often viewed as different disciplines - and different departments. Find out what our survey data revealed, read the report today!
Twitter Feed
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2018-15660
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
PUBLISHED: 2018-08-21
From DHS/US-CERT's National Vulnerability Database CVE-2018-15660
PUBLISHED: 2018-08-21
** DISPUTED ** An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. If an attacker controls an application with accessibility permissions, then the attacker can read certain Ola Money data such as a credit card number, expiration date, bank account numbe...
CVE-2018-15661PUBLISHED: 2018-08-21
** DISPUTED ** An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. If an attacker controls an application with accessibility permissions and the ability to read SMS messages, then the Forgot Password screen can be used to bypass authentication. NOTE: th...
CVE-2018-15481PUBLISHED: 2018-08-21
Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices using firmware version 5.1.x before 5.1.13 allows authenticated remote attackers to escape the shell and escalate their privileges by adding a LocalCommand to the SSH configuration file in the...
CVE-2018-15528PUBLISHED: 2018-08-21
Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT. A remote attacker can abuse this issue to inject client-side scripts into the "select_sso()" function. The payload is triggered when the victim opens a prepared /ux/jss-sso/arslogin?[XSS] l...
CVE-2018-15533PUBLISHED: 2018-08-21
A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005.
- Terms of Service
- Privacy Statement
- Legal Entities
- Copyright © 2018 UBM, All rights reserved
Tweet This