Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Incident Response Now Shaping Security Operations
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
50%
50%
Marilyn Cohodas,
User Rank: Strategist
4/2/2014 | 8:47:49 AM
Re: Two common Web application attacks illustrate security concerns.
@andrewboon2739 I noticed that McGladrey is a provider of accounting, tax and consulting services. What are some of the principal threats and vulnerabilities you are seeing in your industry? And what are some of the recommendations you are giving to customers. 
andrewboon2739
50%
50%
andrewboon2739,
User Rank: Apprentice
4/2/2014 | 7:59:12 AM
Two common Web application attacks illustrate security concerns.

Interesting article. Hackers frequently gain access to important data using flaws in IT security systems and injecting malwares into web applications. Organization should conduct regular security maintenance and testing that focuses first on the most common threats to its applications. I work with McGladrey and there's a whitepaper on our website which offers very good information on common security concerns for business and ways to mitigate them @ http://bit.ly/1c0f35M readers will find it helpful .



Kelly Jackson Higgins
50%
50%
Kelly Jackson Higgins,
User Rank: Strategist
3/28/2014 | 5:14:15 PM
Re: IR Plan
It's interesting--IR is not a new concept by any means, but it seems it's finally becoming a more formalized strategy. I think high-profile breaches like Target's are going to make it even more of a mainstream part of the security operation.
RyanSepe
50%
50%
RyanSepe,
User Rank: Ninja
3/28/2014 | 4:52:44 PM
IR Plan
Its very important to have an IR plan. Working for a healthcare network, my team and I need to adhere to HIPAA standards among other sets of compliance regulations. Having an IR plan, although not a complete safety net, acts as somewhat of a buffer from a compliance standpoint. 

Losing data is never good, but when you have to incur compliance fines on top of damages paid to the victims, as well as losing clients you need re-instill faith to the consumer that they will be safe and that this is an out of the ordinary occurence. An IR can help lessen the weight of fines and show the consumer that you are on the right path towards safeguarding data.

This is not the only benefit to an IR. An IR can help an organization quickly and effectively map out a plan to deal with breaches. Closing the vulnerability and remedying the infection are two big proponents of having an IR in place.


Edge-DRsplash-10-edge-articles
7 Old IT Things Every New InfoSec Pro Should Know
Joan Goodchild, Staff Editor,  4/20/2021
News
Cloud-Native Businesses Struggle With Security
Robert Lemos, Contributing Writer,  5/6/2021
Commentary
Defending Against Web Scraping Attacks
Rob Simon, Principal Security Consultant at TrustedSec,  5/7/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-16632
PUBLISHED: 2021-05-15
A XSS Vulnerability in /uploads/dede/action_search.php in DedeCMS V5.7 SP2 allows an authenticated user to execute remote arbitrary code via the keyword parameter.
CVE-2021-32073
PUBLISHED: 2021-05-15
DedeCMS V5.7 SP2 contains a CSRF vulnerability that allows a remote attacker to send a malicious request to to the web manager allowing remote code execution.
CVE-2021-33033
PUBLISHED: 2021-05-14
The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2021-33034
PUBLISHED: 2021-05-14
In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2019-25044
PUBLISHED: 2021-05-14
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.