Companies See Business In 'Doxing' The Adversary

Network Computing Dark Reading

Advertise

About Us

Newest First | Oldest First | Threaded View

[close this box]

50%

LucasZa,
User Rank: Moderator
6/14/2012 | 4:59:10 PM

re: Companies See Business In 'Doxing' The Adversary

It's great to see increased adoption of the bigger picture. Greg is absolutely right when he says, "The best information to have is how they are infiltrating your network, what the best intrusion-detection signatures are to detect them next time, and how to prevent them from succeeding."

It's not really about doxing. As human beings, the attackers display patterns.The value is in cataloging the methodologies, habits, and tools each attacker (or group) uses so you can hunt for Indicators of Compromise. Identify a breach in progress early on and kick them out before they achieve their goals.

Reply | Post Message | Messages List | Start a Board

50%

Bprince,
User Rank: Ninja
6/9/2012 | 11:45:28 PM

re: Companies See Business In 'Doxing' The Adversary

Very interesting. Having this kind of intelligence on attackers could be useful in particular for critical infrastructure companies.-á
Brian Prince, InformationWeek/Dark Reading Comment Moderator-á

Reply | Post Message | Messages List | Start a Board

50%

MFMSTR,
User Rank: Apprentice
6/1/2012 | 6:42:16 AM

re: Companies See Business In 'Doxing' The Adversary

Good article about an emerging space. I don't know much about crowdstrike because they are new, but HBGary and Mandiant have been in the game for years. BTW, Hoglund was HBGary - I noticed you kept calling it Mantech CSI but I assume that is because of the recent merger. Crowdstrike has some big names, but TBH I don't know what they are actually doing or selling yet :-/ I'm sure all three companies are good at this. Mandiant has the widest IR coverage - something that helps them track APT groups using statistics from their services work. HBGary is probably the most hardcore - hacking the CNC servers and dropping rootkits on Chinese hackers. God knows what kind of information they have. It's good that security companies are willing to fight back. It's about time that hackers don't get a free lunch and walk over our networks here in the U.S. GÇô we all know the US Government won't fix it so I say yeah for private enterprise. Screw the hackers, they donGÇÖt get to own the Internet anymore.-á-á
-MFM

Reply | Post Message | Messages List | Start a Board

Hot Topics

Editors' Choice

Attackers Leave Stolen Credentials Searchable on Google

Kelly Sheridan, Staff Editor, Dark Reading, 1/21/2021

How to Better Secure Your Microsoft 365 Environment

Kelly Sheridan, Staff Editor, Dark Reading, 1/25/2021

Webinars

What We Can Learn from Sports Analytics

How Elite Analyst Teams are Transforming Security with Cyber Reconnaissance

Building the SOC of the Future: Next-Generation Security Operations

Webinar Archives

White Papers

Eliminate East-West Traffic Hair-Pinning

2020 Cybersecurity Report Card

2020 Threat Hunting Report

SANS 2021 Cyber Threat Intelligence Survey

The Trouble with Phishing

More White Papers

Cartoon Contest

Write a Caption, Win an Amazon Gift Card! Click Here

Latest Comment: I can't find the back door.

Cartoon Archive

Current Issue

2020: The Year in Security

Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

Assessing Cybersecurity Risk in Today's Enterprises

COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.

Download Now!

The Malware Threat Landscape

0 comments

How Data Breaches Affect the Enterprise (2020)

0 comments

Building an Effective Cybersecurity Incident Response Team

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2021-21275
PUBLISHED: 2021-01-25

The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...

CVE-2021-21272
PUBLISHED: 2021-01-25

ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...

CVE-2021-23901
PUBLISHED: 2021-01-25

An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...

CVE-2020-17532
PUBLISHED: 2021-01-25

When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5

CVE-2020-12512
PUBLISHED: 2021-01-22

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]