Analytics

11/28/2011
01:34 PM
Dark Reading
Dark Reading
Slideshows
50%
50%

Slide Show: 10 Tips And Best Practices For Becoming A Data Security Detective

Tips from security insiders on gathering and analyzing security intelligence and identifying new threats, as well as APT attacks
Previous
1 of 10
Next


Until recently, IT security technicians spent much of their time managing passwords, access lists, and firewall configuration tables. Today, however, the role of the security pro has shifted radically toward threat analysis, forensic investigation, and incident response. The modern data security professional is increasingly asked to be skilled in roles such as first responder, malware researcher, log file analyst, and threat evaluator.

On October 20, 2011, InformationWeek and Dark Reading hosted an all-day virtual event, where experts offered detailed insight in how to collect security intelligence in the enterprise, and how to analyze and study it in order to efficiently identify new threats as well as low-and-slow attacks such as advanced persistent threats. Several best practices emerged from the event, including the following tips from security insiders.

Keynote speaker FBI Special Supervisory Agent (SSA) Melissa Horvath, from the Bureau’s Cyber Division, Cyber Criminal Unit 1, emphasized the importance of understanding how and why criminals perpetrate financial crimes, and explained the inner workings of financial fraud cases involving electronic money transfers.

Previous
1 of 10
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More Than Half of Users Reuse Passwords
Curtis Franklin Jr., Senior Editor at Dark Reading,  5/24/2018
Is Threat Intelligence Garbage?
Chris McDaniels, Chief Information Security Officer of Mosaic451,  5/23/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11489
PUBLISHED: 2018-05-26
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact.
CVE-2018-11490
PUBLISHED: 2018-05-26
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspe...
CVE-2018-11493
PUBLISHED: 2018-05-26
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link&f=index&v=add.
CVE-2018-11487
PUBLISHED: 2018-05-26
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php.
CVE-2018-11471
PUBLISHED: 2018-05-25
Cockpit 0.5.5 has XSS via a collection, form, or region.