I’ve provoked an example breach report in the VERIS Community Database by the Verizon Risk Team, recorded in this JSON file, with this summary:
A secondary domain hosted by Bluehost was defaced by an opportunistic attack. We are consolidating the secondary domains in our primary provider and all domains will be pointing to our web site.
Last week I was looking to join SIRA’s email list and mistyped .com for .org. Finding www.societyinforisk.com had “HaCKeD By : brkod” on it, I mentioned that to SIRA. They fixed it as above.
The interesting part is that the VERIS Community Database is an effort to expand the annual Verizon Data Breach Investigations Report (DBIR) into something more timely and comprehensive: It’s not very big yet (63 commits and 1546 incidents), but it’s a welcome start. It doesn’t have nearly the comprehensiveness, frequency, nor regularity of the spam blocklist data underlying SpamRankings.net, but it has, or it can have, more depth in reporting what happened and why.
The VERIS Community DatabaseContinue reading