Get a Pentest and security assessment of your IT network.

News

Security Event Correlation: Looking Back, Part 3

“If you see a successful login, followed by the exfiltration of that file, then an alert is generated” If you don’t know that a user has access to a file, you can’t stop it from accessing it. If you’re not stopping it, it’s probably because the credentials are stolen, so it’s not clear why it’s allowed to be there. If a user is authorized to access a file that’s not a legitimate, it can’t be blocked, it will be a violation of the law.”]

Source: https://taosecurity.blogspot.com/2008/10/security-event-correlation-looking-back_4144.html

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2