FireEye presentation | Web3us LLC

Details on North Korean Regime backed Threat Group = steal dollars from financial

Fake News accounts on Facebook = designed to incite people

Leveraging Inauthentic News Sites and Social Media

Event = observed occurrence in an information system that actually happened, don't know if malicious, don't know if data has left company

An email
A phone call
A System Crash

Incident = Adverse event in an information system, it includes the significant threat of the event, it implies harm or the attempt to harm.

Violation of an explicit or Implied security policy
Attempts to gain unauthorized access
Unwanted denial of resources
Unauthorized use of system or resource, an intrusion
Changes made without an owners knowledge or consent

Breach = A confirmed Incident that results in confirmed disclosure of data to an unauthorized party.

Incident Response Cycle

Preparation

Incident Response Plan (IR Plan) = Who do you notify?

Detection and Analysis

Containment Eradication & Recovery

Post-Incident Activity

Existing Security Controls

IPS = snort

Attachement

rpt-FireEye-Iranian-IO.pdf

Popular

How to setup Fedora Directory Server, LDAP

Opensource Web Site Software Worth Considering

Script automysqlbackup

FamilySearch Indexing on Linux

Honda Goldwing tall rider windshield

Linux Rename files with Prefix

Password Cracking

Recent content

The Innovator's Dilemma

Summary - Personal Disruption Framework, S-Curve

Summary - 5 Love Languages

9 qualities that immediately make people respect you

Tinkercad meshes are limited to 300,000 triangles

How to convert media files - Rip DVDs

siege Web-site benchmark tool

Web Performance and Load Testing Tools for Linux

Data Breach Reports

Password Cracking