The Data Breach Blog

Unauthorized access leads to Neiman Marcus Group breach, 5,200 affected

Neiman Marcus Group (NMG) reported that someone gained unauthorized access to thousands of online customer accounts.

Missing drives contained PHI on 950K Centene customers

During an inventory of its IT assets, health insurer Centene discovered that six hard drives containing personal and health information on 950,000 customers had gone missing.

University of Virginia hit with Phishing scam, 1,400 affected

The University of Virginia (UVA) suffered a data breach that was initiated via a phishing scam that revealed the tax and banking data of some of the school's employees.

San Diego County employees data mistakenly sent to Wells Fargo

San Diego Country, California employees mistakenly had their personal information, to include Social Security numbers, forwarded to Wells Fargo late last year.

Details of 325K Earbits.com users available on public database

MacKeeper discovered 13 million Earbits.com account records that were left exposed on a database server.

The Threat Hunter Blog

The Threat Hunter Blog Fast Flux Bot Nets and Fluxer - Part 1

Fast Flux Bot Nets and Fluxer - Part 1

This time we'll start a two-parter on fast flux bot nets including the concept of domain generation algorithms.

The Threat Hunter Blog STIX Wrap-Up

STIX Wrap-Up

Well, after a bit of travel that slowed me down, we're ready to wrap up our introduction to STIX. We ended last time on a high level overview of the APT1 campaign as presented by Mandiant/FireEye. That top level looked a bit like Figure 1:

The Threat Hunter Blog STIX - Looking at a Campaign, Part 1

STIX - Looking at a Campaign, Part 1

Now we come to a useful application of STIX: characterizing a campaign.

The Threat Hunter Blog STIX and Taxi - Part 2

STIX and Taxi - Part 2

We ended up last time with an introduction to the use of STIX and TAXII for threat hunting. Our last topic was STIX indicators so that's a good place to start this time.

The Threat Hunter Blog Hunting and STIX

Hunting and STIX

Today I'm starting a three parter that will introduce you to STIX, a neat way of documenting and understanding your threat hunting targets.

About Dr. Stephenson

Dr. Peter Stephenson is SC Magazine's Technology Editor, a cyber criminologist, digital investigator and digital forensic scientist at The Center for Digital Forensic Studies, is a writer, researcher and lecturer on cyber threat analysis, cyber criminology and cyber jurisprudence. He has lectured extensively and has written, edited or contributed to 20 books and several hundred articles in major national and international trade, technical and scientific publications. 

He is the series editor of the Peter Stephenson Series on Cyber Crime Investigation (Auerbach). Dr. Stephenson began his career in information security in 1964 as a Navy crypto technician.

Sign up to our newsletters

RECENT COMMENTS

FOLLOW US