HTTP Response Splitting is a type of attack that occurs when an attacker can manipulate the response headers that will be interpreted by the client. This article goes into details on how this can be abused by an attacker to insert arbitrary headers and the impact of this type of attack.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Privacy is understandably a concern for all, and for those that are not that bothered and opt-in to give it away, I’m sure they assume it is for monitoring of their activities online. However, in this enterprising case, it appears to go beyond the virtual to physical and not where you would suspect…

Undoubtedly, log management is the heart of any SIEM solution. The more access to logs your SIEM has the better it will be able to perform. Logs help in identifying who attacked your organization and how these malicious actors penetrate your corporate network. By logging all the vital information related to network devices and other critical systems, you will be able to get a deeper insight into your organization’s cybersecurity posture.

Every week, the AT&T Chief Security Office produces a set of videos with helpful information and news commentary for InfoSec practitioners and researchers. I really enjoy them, and you can subscribe to the Youtube channel to stay updated. This is a transcript of a recent feature on ThreatTraq. Watch the video here.

The era of Big Data is here. Information now exceeds fantastic proportions, globally measured in zettabytes (each zettabyte is a billion terabytes) and growing at an exponential rate that defies comprehension. According to the IDC, global data is expected to grow from 23 Zettabytes (ZB) in 2017 to 175 ZB by 2025.