<!doctype html><html lang="en" class="web tlp-clear" data-studio-config="eyJ4aHJDcmVkZW50aWFscyI6ZmFsc2UsInhockhlYWRlcnMiOnt9fQo="><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8" /><title>What's New</title><link rel="alternate" type="application/rss+xml" href="https://www.first.org/newsroom/news/rss.xml" title="What&#039;s New" /> <meta property="og:title" content="What&#039;s New" /> <meta property="og:type" content="website" /> <meta property="og:image" content="https://www.first.org/_/img/1st.png" /> <meta property="og:url" content="https://www.first.org/newsroom/news/" /> <meta property="og:site_name" content="FIRST — Forum of Incident Response and Security Teams" /> <meta property="fb:profile_id" content="296983660669109" /> <meta property="twitter:card" content="summary_large_image" /> <meta property="twitter:site" content="@FIRSTdotOrg" /> <meta property="twitter:image" content="https://www.first.org/_/img/1st.png" /><meta name="viewport" content="initial-scale=1,maximum-scale=1.0,user-scalable=no" /><link rel="icon" type="image/png" href="/1st.png" /><link rel="apple-touch-icon" sizes="128x128" href="/favicon.png" /><link rel="stylesheet" type="text/css" href="/_/web.css?20250403210942" /><link rel="stylesheet" type="text/css" href="/_/web.css?20250403210942" /></head><body><header><div id="header" data-studio="CU52CV1W8g"><div id="c3" data-studio="Yu8FjCC11g"><div id="topbar"> <div class="sites right"> <ul> <li><a href="https://support.first.org" class="kb-datalist"><img src="/_/img/icon-portal_support.svg" alt="FIRST Support" title="FIRST Support" /></a></li> <li><a href="https://portal.first.org" class="button"><span class="no-tiny">Member </span>Portal</a></li> </ul> </div> <div class="first-logo"> <p><a href="/"><img src="/_/img/first-org-simple-negative.svg" alt="FIRST.Org" title="FIRST" /></a></p> </div> <div class="nav"> <ul class="navbar"><li><a href="/about">About FIRST</a><ul><li><a href="/about/mission">Mission Statement</a></li><li><a href="/about/strategy/">Strategy Framework</a></li><li><a href="/about/history">History</a></li><li><a href="/about/sdg">Sustainable Development Goals</a></li><li><a href="/about/organization">Organization</a><ul><li><a href="/about/organization/directors">Board of Directors</a></li><li><a>Operations Team</a><ul><li><a href="/about/organization/ccb">Community &amp; Capacity Building</a></li><li><a href="/about/organization/events">Event Office</a></li><li><a href="/about/organization/executive-director">Executive Director</a></li><li><a href="/about/organization/infrastructure">Infrastructure</a></li><li><a href="/about/organization/secretariat">Secretariat</a></li></ul></li><li><a href="/about/organization/committees">Committees</a><ul><li><a href="/about/organization/committees/compensation-committee">Compensation Committee</a></li><li><a href="/about/organization/committees/conference-program-committee">Conference Program Committee</a></li><li><a href="/about/organization/committees/membership-committee">Membership Committee</a></li><li><a href="/about/organization/committees/rules-committee">Rules Committee</a></li><li><a href="/about/organization/committees/standards">Standards Committee</a></li></ul></li><li><a href="/events/agm">Annual General Meeting</a></li><li><a href="/about/organization/reports">Annual Reports and Tax Filings</a></li></ul></li><li><a href="/about/policies">FIRST Policies</a><ul><li><a href="/about/policies/anti-corruption">Anti-Corruption Policy</a></li><li><a href="/about/policies/antitrust">Antitrust Policy</a></li><li><a href="/about/policies/bylaws">Bylaws</a></li><li><a href="/about/policies/board-duties">Board duties</a></li><li><a href="/about/bugs">Bug Bounty Program</a></li><li><a href="/about/policies/code-of-conduct">Code of Conduct</a></li><li><a href="/about/policies/conflict-policy">Conflict of Interest Policy</a></li><li><a href="/about/policies/doc-rec-retention-policy">Document Record Retention and Destruction Policy</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li><li><a href="/about/policies/gen-event-reg-refund-policy">General Event Registration Refund Policy</a></li><li><a href="/about/policies/event-site-selection">Guidelines for Site Selection for all FIRST events</a></li><li><a href="/identity">Identity &amp; Logo Usage</a></li><li><a href="/about/policies/mailing-list">Mailing List Policy</a></li><li><a href="/about/policies/media">Media Policy</a></li><li><a href="/about/policies/privacy">Privacy Policy</a></li><li><a href="/about/policies/registration-terms-conditions">Registration Terms &amp; Conditions</a></li><li><a href="/about/policies/terms">Services Terms of Use</a></li><li><a href="/about/policies/standards">Standards Policy</a></li><li><a href="/about/policies/diversity">Statement on Diversity &amp; Inclusion</a></li><li><a href="/about/policies/translation-policy">Translation Policy</a></li><li><a href="/about/policies/travel-policy">Travel Policy</a></li><li><a href="/about/policies/uniform-ipr">Uniform IPR Policy</a></li><li><a href="/about/policies/whistleblower-policy">Whistleblower Protection Policy</a></li></ul></li><li><a href="/about/partners">Partnerships</a><ul><li><a href="/global/partners">Partners</a></li><li><a href="/global/friends">Friends of FIRST</a></li><li><a href="/global/supporters/">FIRST Supporters</a></li><li><a href="/about/sponsors">FIRST Sponsors</a></li></ul></li><li><a href="/newsroom">Newsroom</a><ul><li><a href="/newsroom/news">What&#039;s New</a></li><li><a href="/newsroom/releases">Press Releases</a></li><li><a href="/newsroom/news/media">In the News</a></li><li><a href="/podcasts">Podcasts</a><ul><li><a href="/newsroom/news/first-impressions/">FIRST Impressions Podcast</a></li><li><a href="/newsroom/news/podcasts/">FIRSTCON Podcast</a></li></ul></li><li><a href="/newsroom/newsletters">Newsletters</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li></ul></li><li><a href="/about/procurement">Procurement</a></li><li><a href="/about/jobs/">Jobs</a></li><li><a href="/contact">Contact</a></li></ul></li><li><a href="/members">Membership</a><ul><li><a href="/membership/">Becoming a Member</a><ul><li><a href="/membership/process">Membership Process for Teams</a></li><li><a href="/membership/process-associates">Membership Process for Associates</a></li><li><a href="/membership/process-liaisons">Membership Process for Liaisons</a></li><li><a href="/membership/#Fees">Membership Fees</a></li></ul></li><li><a href="/members/teams">FIRST Teams</a></li><li><a href="/members/liaisons">FIRST Liaisons</a></li><li><a href="/members/map">Members around the world</a></li></ul></li><li><a href="/global">Initiatives</a><ul><li><a href="/global/sigs">Special Interest Groups (SIGs)</a><ul><li><a href="/global/sigs/framework">SIGs Framework</a></li><li><a href="/global/sigs/academicsec" class="borderb">Academic Security SIG</a></li><li><a href="/global/sigs/ai-security">AI Security SIG</a></li><li><a href="/global/sigs/automation">Automation SIG</a></li><li><a href="/global/sigs/communications/">Cybersecurity Communications SIG</a></li><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a><ul><li><a href="/cvss/calculator/4.0">Calculator</a></li><li><a href="/cvss/v4.0/specification-document">Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">User Guide</a></li><li><a href="/cvss/v4.0/examples">Examples</a></li><li><a href="/cvss/v4.0/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v4-0">CVSS v4.0 Documentation &amp; Resources</a><ul><li><a href="/cvss/calculator/4.0">CVSS v4.0 Calculator</a></li><li><a href="/cvss/v4.0/specification-document">CVSS v4.0 Specification Document</a></li><li><a href="/cvss/v4.0/user-guide">CVSS v4.0 User Guide</a></li><li><a href="/cvss/v4.0/examples">CVSS v4.0 Examples</a></li><li><a href="/cvss/v4.0/faq">CVSS v4.0 FAQ</a></li></ul></li><li><a href="/cvss/v3-1">CVSS v3.1 Archive</a><ul><li><a href="/cvss/calculator/3.1">CVSS v3.1 Calculator</a></li><li><a href="/cvss/v3.1/specification-document">CVSS v3.1 Specification Document</a></li><li><a href="/cvss/v3.1/user-guide">CVSS v3.1 User Guide</a></li><li><a href="/cvss/v3.1/examples">CVSS v3.1 Examples</a></li><li><a href="/cvss/v3.1/use-design">CVSS v3.1 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v3-0">CVSS v3.0 Archive</a><ul><li><a href="/cvss/calculator/3.0">CVSS v3.0 Calculator</a></li><li><a href="/cvss/v3.0/specification-document">CVSS v3.0 Specification Document</a></li><li><a href="/cvss/v3.0/user-guide">CVSS v3.0 User Guide</a></li><li><a href="/cvss/v3.0/examples">CVSS v3.0 Examples</a></li><li><a href="/cvss/v3.0/use-design">CVSS v3.0 Calculator Use &amp; Design</a></li></ul></li><li><a href="/cvss/v2">CVSS v2 Archive</a><ul><li><a href="/cvss/v2/guide">CVSS v2 Complete Documentation</a></li><li><a href="/cvss/v2/history">CVSS v2 History</a></li><li><a href="/cvss/v2/team">CVSS-SIG team</a></li><li><a href="/cvss/v2/meetings">SIG Meetings</a></li><li><a href="/cvss/v2/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v2/adopters">CVSS Adopters</a></li><li><a href="/cvss/v2/links">CVSS Links</a></li></ul></li><li><a href="/cvss/v1">CVSS v1 Archive</a><ul><li><a href="/cvss/v1/intro">Introduction to CVSS</a></li><li><a href="/cvss/v1/faq">Frequently Asked Questions</a></li><li><a href="/cvss/v1/guide">Complete CVSS v1 Guide</a></li></ul></li><li><a href="/cvss/data-representations">JSON &amp; XML Data Representations</a></li><li><a href="/cvss/training">CVSS On-Line Training Course</a></li><li><a href="/cvss/identity">Identity &amp; logo usage</a></li></ul></li><li><a href="/global/sigs/csirt">CSIRT Framework Development SIG</a></li><li><a href="/global/sigs/cyberinsurance">Cyber Insurance SIG</a><ul><li><a href="/global/sigs/cyberinsurance/events">Cyber Insurance SIG Webinars</a></li></ul></li><li><a href="/global/sigs/cti">Cyber Threat Intelligence SIG</a><ul><li><a href="/global/sigs/cti/curriculum/">Curriculum</a><ul><li><a href="/global/sigs/cti/curriculum/introduction">Introduction</a></li><li><a href="/global/sigs/cti/curriculum/cti-introduction">Introduction to CTI as a General topic</a></li><li><a href="/global/sigs/cti/curriculum/methods-methodology">Methods and Methodology</a></li><li><a href="/global/sigs/cti/curriculum/pir">Priority Intelligence Requirement (PIR)</a></li><li><a href="/global/sigs/cti/curriculum/source-evaluation">Source Evaluation and Information Reliability</a></li><li><a href="/global/sigs/cti/curriculum/machine-human">Machine and Human Analysis Techniques (and Intelligence Cycle)</a></li><li><a href="/global/sigs/cti/curriculum/threat-modelling">Threat Modelling</a></li><li><a href="/global/sigs/cti/curriculum/training">Training</a></li><li><a href="/global/sigs/cti/curriculum/standards">Standards</a></li><li><a href="/global/sigs/cti/curriculum/glossary">Glossary</a></li><li><a href="/global/sigs/cti/curriculum/cti-reporting/">Communicating Uncertainties in CTI Reporting</a></li></ul></li><li><a href="/global/sigs/cti/events/">Webinars and Online Training</a></li><li><a href="/global/sigs/cti/cti-program">Building a CTI program and team</a><ul><li><a href="/global/sigs/cti/cti-program/program-stages">Program maturity stages</a><ul><li><a href="/global/sigs/cti/cti-program/stage1">CTI Maturity model - Stage 1</a></li><li><a href="/global/sigs/cti/cti-program/stage2">CTI Maturity model - Stage 2</a></li><li><a href="/global/sigs/cti/cti-program/stage3">CTI Maturity model - Stage 3</a></li></ul></li><li><a href="/global/sigs/cti/cti-program/starter-kit">Program Starter Kit</a></li><li><a href="/global/sigs/cti/cti-program/resources">Resources and supporting materials</a></li></ul></li></ul></li><li><a href="/global/sigs/digital-safety">Digital Safety SIG</a></li><li><a href="/global/sigs/dns">DNS Abuse SIG</a><ul><li><a href="/global/sigs/dns/stakeholder-advice/">Stakeholder Advice</a><ul><li><a>Detection</a><ul><li><a href="/global/sigs/dns/stakeholder-advice/detection/cache-poisoning">Cache Poisoning</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dga">DGA Domains</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dns-as-a-vector-for-dos">DNS As a Vector for DoS</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dns-rebinding">DNS Rebinding</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dns-server-compromise">DNS Server Compromise</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dos-against-the-dns">DoS Against the DNS</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/domain-name-compromise">Domain Name Compromise</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/dynamic-dns-resolution-as-obfuscation-technique">Dynamic DNS (as obfuscation technique)</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/lame-delegations">Lame Delegations</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/local-resolver-hijacking">Local Resolver Hijacking</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/on-path-dns-attack">On-path DNS Attack</a></li><li><a href="/global/sigs/dns/stakeholder-advice/detection/stub-resolver-hijacking">Stub Resolver Hijacking</a></li></ul></li></ul></li><li><a href="/global/sigs/dns/policies">Code of Conduct &amp; Other Policies</a></li><li><a href="/global/sigs/dns/dns-abuse-examples">Examples of DNS Abuse</a></li></ul></li><li><a href="/global/sigs/ethics">Ethics SIG</a><ul><li><a href="/global/sigs/ethics/ethics-first">Ethics for Incident Response Teams</a></li></ul></li><li><a href="/epss/">Exploit Prediction Scoring System (EPSS)</a><ul><li><a href="/epss/model">The EPSS Model</a></li><li><a href="/epss/data_stats">Data and Statistics</a></li><li><a href="/epss/user-guide">User Guide</a></li><li><a href="/epss/research">EPSS Research and Presentations</a></li><li><a href="/epss/faq">Frequently Asked Questions</a></li><li><a href="/epss/who_is_using">Who is using EPSS?</a></li><li><a href="/epss/epss_tools">Open-source EPSS Tools</a></li><li><a href="/epss/api">API</a></li><li><a href="/epss/papers">Related Exploit Research</a></li><li><a>Blog</a><ul><li><a href="/epss/articles/prob_percentile_bins">Understanding EPSS Probabilities and Percentiles</a></li><li><a href="/epss/articles/log4shell">Log4Shell Use Case</a></li><li><a href="/epss/articles/estimating_old_cvss">Estimating CVSS v3 Scores for 100,000 Older Vulnerabilities</a></li></ul></li><li><a href="/epss/partners">Data Partners</a></li></ul></li><li><a href="/global/sigs/msr/">FIRST Multi-Stakeholder Ransomware SIG</a></li><li><a href="/global/sigs/hfs/">Human Factors in Security SIG</a></li><li><a href="/global/sigs/ics">Industrial Control Systems SIG (ICS-SIG)</a></li><li><a href="/global/sigs/iep">Information Exchange Policy SIG (IEP-SIG)</a></li><li><a href="/global/sigs/information-sharing">Information Sharing SIG</a><ul><li><a href="/global/sigs/information-sharing/misp">Malware Information Sharing Platform</a></li></ul></li><li><a href="/global/sigs/le">Law Enforcement SIG</a></li><li><a href="/global/sigs/malware">Malware Analysis SIG</a><ul><li><a href="/global/sigs/malware/ma-framework">Malware Analysis Framework</a></li><li><a href="/global/sigs/malware/ma-framework/malwaretools">Malware Analysis Tools</a></li></ul></li><li><a href="/global/sigs/metrics">Metrics SIG</a><ul><li><a href="/global/sigs/metrics/events">Metrics SIG Webinars</a></li></ul></li><li><a href="/global/sigs/netsec/">NETSEC SIG</a></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/global/sigs/policy">Policy SIG</a></li><li><a href="/global/sigs/psirt">PSIRT SIG</a></li><li><a href="/global/sigs/red-team">Red Team SIG</a></li><li><a href="/global/sigs/cpg">Retail and Consumer Packaged Goods (CPG) SIG</a></li><li><a href="/global/sigs/ctf">Security Lounge SIG</a></li><li><a href="/global/sigs/soc/">Security Operations Center SIG</a></li><li><a href="/global/sigs/tic/">Threat Intel Coalition SIG</a><ul><li><a href="/global/sigs/tic/membership-rules">Membership Requirements and Veto Rules</a></li></ul></li><li><a href="/global/sigs/tlp">Traffic Light Protocol (TLP-SIG)</a></li><li><a href="/global/sigs/transport">Transportation and Mobility SIG</a></li><li><a href="/global/sigs/vulnerability-coordination">Vulnerability Coordination</a><ul><li><a href="/global/sigs/vulnerability-coordination/multiparty">Multi-Party Vulnerability Coordination and Disclosure</a></li><li><a href="/global/sigs/vulnerability-coordination/multiparty/guidelines">Guidelines and Practices for Multi-Party Vulnerability Coordination and Disclosure</a></li></ul></li><li><a href="/global/sigs/vrdx">Vulnerability Reporting and Data eXchange SIG (VRDX-SIG)</a><ul><li><a href="/global/sigs/vrdx/vdb-catalog">Vulnerability Database Catalog</a></li></ul></li><li><a href="/global/sigs/wof">Women of FIRST</a></li></ul></li><li><a href="/global/governance">Internet Governance</a></li><li><a href="/global/irt-database">IR Database</a></li><li><a href="/global/fellowship">Fellowship Program</a><ul><li><a href="https://portal.first.org/fellowship">Application Form</a></li></ul></li><li><a href="/global/mentorship">Mentorship Program</a></li><li><a href="/hof">IR Hall of Fame</a><ul><li><a href="/hof/inductees">Hall of Fame Inductees</a></li></ul></li><li><a href="/global/victim-notification">Victim Notification</a></li><li><a href="/volunteers/">Volunteers at FIRST</a><ul><li><a href="/volunteers/list">FIRST Volunteers</a></li><li><a href="/volunteers/participation">Volunteer Contribution Record</a></li></ul></li><li><a href="#new">Previous Activities</a><ul><li><a href="/global/practices">Best Practices Contest</a></li></ul></li></ul></li><li><a href="/standards">Standards &amp; Publications</a><ul><li><a href="/standards">Standards</a><ul><li><a href="/cvss">Common Vulnerability Scoring System (CVSS-SIG)</a></li><li><a href="/tlp">Traffic Light Protocol (TLP)</a><ul><li><a href="/tlp/use-cases">TLP Use Cases</a></li></ul></li><li><a href="/standards/frameworks/">Service Frameworks</a><ul><li><a href="/standards/frameworks/csirts">CSIRT Services Framework</a></li><li><a href="/standards/frameworks/psirts">PSIRT Services Framework</a></li></ul></li><li><a href="/iep">Information Exchange Policy (IEP)</a><ul><li><a href="/iep/iep_framework_2_0">IEP 2.0 Framework</a></li><li><a href="/iep/iep-json-2_0">IEP 2.0 JSON Specification</a></li><li><a href="/iep/iep-polices">Standard IEP Policies</a><ul><li><a href="https://www.first.org/iep/2.0/first-tlp-iep.iepj">IEP TLP Policy File</a></li><li><a href="https://www.first.org/iep/2.0/first-unknown-iep.iepj">IEP Unknown Policy File</a></li></ul></li><li><a href="/iep/iep_v1_0">IEP 1.0 Archive</a></li></ul></li><li><a href="/global/sigs/passive-dns">Passive DNS Exchange</a></li><li><a href="/epss">Exploit Prediction Scoring System (EPSS)</a></li></ul></li><li><a href="/resources/papers">Publications</a></li></ul></li><li><a href="/events">Events</a></li><li><a href="/education">Education</a><ul><li><a href="/education/first-training">FIRST Training</a><ul><li><a href="/education/trainings">Training Courses</a></li><li><a href="/education/trainers">FIRST Trainers</a></li></ul></li></ul></li><li><a href="/blog">Blog</a></li></ul> </div> </div> <div id="home-buttons"> <p><a href="/join" data-title="Join"><img alt="Join" src="/_/img/icon-join.svg"><span class="tt-join">Join<span>Details about FIRST membership and joining as a full member or liaison.</span></span></a> <a href="/learn" data-title="Learn"><img alt="Learn" src="/_/img/icon-learn.svg"><span class="tt-learn">Learn<span>Training and workshop opportunities, and details about the FIRST learning platform.</span></span></a> <a href="/participate" data-title="Participate"><img alt="Participate" src="/_/img/icon-participate.svg"><span class="tt-participate">Participate<span>Read about upcoming events, SIGs, and know what is going on.</span></span></a></p> </div></div></div></header><div id="body" data-studio="CU52CV1W8g"><div id="c1" data-studio="Yu8FjCC11g" class="p"><div class="section p tags" data-paginate="10"><h1>What's New</h1> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20250305">FIRST Announces Global Event Series to Unite Incident Response and Security Teams Worldwide</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2025-03-05T00:00:00+00:00">Wed, 05 Mar 2025 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Flagship events in Raleigh, Berlin, and Copenhagen set to strengthen international cybersecurity collaboration amid surge in cross-border security incidents</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Strategy,Framework,planning"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20250303-Strategy-Framework">The FIRST Board of Directors Launches FIRST’s Strategy Framework</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2025-03-03T00:30:00+00:00">Mon, 03 Mar 2025 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>The FIRST Board of Directors is introducing a new structured approach to strategic planning, aimed at enhancing the organization’s ability to fulfill its mission and solidify its position as a global leader in cybersecurity and incident response.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerabilities,tools,forecast"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20250607-Vulnerability-Forecast-for-2025">Vulnerability Forecast for 2025</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2025-02-25T00:30:00+00:00">Tue, 25 Feb 2025 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>In 2025 we expect another record-breaking year of CVE production. This year we expect 45505 +/- 4,363 CVEs to be published in the calendar year (CY). There’s a 5% chance the actual number exceeds the maximum (49868) and a 5% chance is less than the minimum (41142). Rather than give you a false sense of precision, it’s probably far easier to say we expect between 41-50k of vulnerabilities in calendar year CY 2025.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerabilities,tools,forecast"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20250106-Vulnerability-Forecast-Year-in-Review">The 2024 Vulnerability Forecast: Year in Review</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2025-01-06T00:30:00+00:00">Mon, 06 Jan 2025 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>In calendar year 2024 we had another record breaking 40,704 CVEs published.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202412">FIRST POST: Oct-Dec 2024</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-12-31T00:00:00+00:00">Tue, 31 Dec 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Message from the Chair; The Growing Role of Cyber Diplomacy in Managing Digital Conflicts; APCERT &amp; FIRST Regional Symposium; FIRST Membership Committee - Updated Liaison Process; FIRST Welcomes New Members and Thanks Sponsoring Teams!; Trainer Recognition; Growth Stack Media Q4 PR Highlights: CISA Endorsement &amp; Emerging Industry Leadership; Special Interest Group Updates; Early Bird Registration for FIRSTCON25 Copenhagen Ends February 10!; Upcoming Events</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Multi-Stakeholder,Ransomware,SIG"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20241220-FIRST-Ransomware-Training">Ransomware Empowerment Training</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-12-23T00:30:00+00:00">Mon, 23 Dec 2024 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>The FIRST Multi-Stakeholder Ransomware SIG is very pleased to announce the release of the first version of the Ransomware Empowerment training. This has been a significant undertaking, requiring many months of dedicated effort from our dear SIG members. We have made it our priority to ensure that this training is TLP:CLEAR, so that it can be of benefit to all.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20241205">FIRST Drives Global Cybersecurity Progress Through Community-Led Innovation</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-12-05T05:00:00+00:00">Thu, 05 Dec 2024 05:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>White House recognizes FIRST's Traffic Light Protocol (TLP) as cybersecurity best practice; Record attendance at FIRSTCON Fukuoka marks Asia-Pacific expansion; Historic FIRST &amp; AfricaCERT Symposium strengthens African cybersecurity collaboration</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="cvss,sig,vulnerability"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20241104-CVSS-v4_0-Turns-One-Year-Old">CVSS v4.0 Turns One Year Old</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-11-04T00:30:00+00:00">Mon, 04 Nov 2024 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST and the CVSS Special Interest Group (SIG) would like to wish a very happy first birthday to the newest version of CVSS, version 4.0!</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202409">FIRST POST: Jul-Sep 2024</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-10-04T00:00:00+00:00">Fri, 04 Oct 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Message from the Chair; Board members Roles and Responsibilities for 2024/2025; FIRST-AJCCBC Workshop Series – Summer 2024; First NETSEC training in Fukuoka; Looking back at the Fukuoka Annual Conference; Training on Fundamentals of Cyber Threat Intelligence successfully delivered at the International Information Technology University (IITU), Almaty, Kazakhstan; FIRST at the Summer School on Internet Governance in Meissen; Special Interest Group Updates; FIRST Newcomers &amp; Membership Committee; IMPORTANT: Heads-Up on VAT for FIRST for all events in EUROPE from 2025 onward; FIRST Gains Momentum in Media Landscape; Upcoming Events; FIRST on Social Media</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerabilities,tools,forecast"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20240923-Q4Vulnerability-Forecast">2024 Q4 Vulnerability Forecast</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-09-23T00:30:00+00:00">Mon, 23 Sep 2024 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>We’re expecting 9006 +/- 1259 vulnerabilities this quarter, as we close out the year.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/digest/202407">2024 Events and 2025 Preview</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-08-23T12:00:00+00:00">Fri, 23 Aug 2024 12:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Greetings FIRST Community, </p> <p>2024 has been an exciting year of memorable programming, including the annual conference, which visited Japan in June! With just four months before the end of the year, we want to highlight the content and opportunities still to come. </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20240724">Global Security Leaders Convene at FIRSTCON to Address Critical Infrastructure Threats</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-07-24T00:00:00+00:00">Wed, 24 Jul 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p><strong>Fukuoka, Japan - July 24, 2024</strong> - The Forum of Incident Response and Security Teams (<a href="https://www.first.org/">FIRST</a>) recently concluded its intensive five-day conference, <a href="https://www.first.org/conference/2024/">FIRSTCON 2024</a>, held this year in Fukuoka.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="insights,cyber,threat,trends"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20240628-from-fukuoka-to-copenhagen">From Fukuoka to Copenhagen: LAC’s Insights on the Latest Cyber Threat Trends</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-06-28T10:30:00+00:00">Fri, 28 Jun 2024 10:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>The 36th annual FIRST Conference, "FIRSTCON24," was held from June 9 to 14, 2024, in Fukuoka, Japan. This marked the first time in 15 years that the conference was hosted in Japan, with the last event taking place in Kyoto in 2009. The conference saw a remarkable turnout with 997 participants from 99 countries and regions.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerabilities,management"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20240621-Unveiling_Active_Directory_Security_Risks">Unveiling Active Directory Security Risks: A Comprehensive Analysis of Management Issues and Vulnerabilities</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-06-21T10:30:00+00:00">Fri, 21 Jun 2024 10:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>In this report, CyCraft research team analyzes 27 listed companies in Taiwan, Level-A government agencies and healthcare institutions, covering 46 AD Domains, with 1,057,000 objects included.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/about/reports/FIRST-Annual-Report-2023-2024.pdf">FIRST Annual Report Released</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-06-10T00:00:00+00:00">Mon, 10 Jun 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST published its eighth Annual Report which covers the organization’s accomplishments towards its vision of bringing together incident response and security teams from every country across the world to ensure a safe internet for all. The report is available at <a href="https://www.first.org/about/reports/FIRST-Annual-Report-2023-2024.pdf">FIRST Annual Report 2023-2024</a>.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerabilities,tools,forecast"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20240529-Q3Vulnerability-Forecast">2024 Q3 Vulnerability Forecast</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-29T00:30:00+00:00">Wed, 29 May 2024 00:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>As usual we like to verify our previous forecast before we make the next one. Due to travel, I must do this a few days before I should (normally on the 1^st of June).</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202405">FIRST POST: Apr-Jun 2024</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-05-20T00:00:00+00:00">Mon, 20 May 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Message from the Chair; Message from the Chair; FIRST Standards Committee; CTI Conference in Berlin; FIRST Newcomers &amp; Membership Committee; On the Road to Fukuoka - See you soon!; FIRST as a Diana Initiative Community Partner; Growth Stack Media PR Updates; Special Interest Group Updates; FIRST Impressions Podcast; FIRST on Social Media</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerabilities,tools,forecast"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20240419-Q2Vulnerability-Forecast">2024 Q2 Vulnerability Forecast</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-04-25T10:30:00+00:00">Thu, 25 Apr 2024 10:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>So what are we expecting in terms of numbers of CVEs this quarter?</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202401">FIRST POST: Jan-Mar 2024</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-02-20T00:00:00+00:00">Tue, 20 Feb 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Message from the Chair; Christmas CTF in Norway; Incentivizing anti-abuse proactivity among online service providers; FIRST Newcomers &amp; Membership Committee; Growth Stack Media Appointed as FIRST's Agency of Record; On the Road to Fukuoka - Registration is Open!; FIRST Standards Committee update (aka “the wheel reinvention prevention committee”); Special Interest Group Updates; FIRST on Social Media; Upcoming Events</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/announce/20240208">Growth Stack Media Appointed as FIRST's Agency of Record</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-02-08T13:30:00+00:00">Thu, 08 Feb 2024 13:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST Elevates Public Relations Efforts with Appointment of Growth Stack Media as Agency of Record</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/announce/20240130">Balkan Cybersecurity Days 2024: Call for Speakers Open</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-01-29T00:00:00+00:00">Mon, 29 Jan 2024 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Join us for the second edition of Balkan Cybersecurity Days! Organized by DCAF in collaboration with partners AKCESK and FIRST, the event will take place from March 20-22, 2024, in Durrës, Albania.</p> <p>The Call for Speakers for this event is open through February 9th. Interested presenters can learn more at <a href="https://www.first.org/events/colloquia/bcd2024/cfp">here</a>.</p> <p>Bringing together cybersecurity professionals from the public and private sectors, the agenda includes a high-level opening, a panel on promoting cybersecurity talent, and plenary sessions in response to FIRST’s call for papers. Days two and three feature technical training sessions.<br> #BCD2024</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerability,forecast"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20240109-vulnerability-forecast-2024">The vulnerability forecast for 2024</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-01-11T10:30:00+00:00">Thu, 11 Jan 2024 10:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>Every year we make a prediction to the number of vulnerabilities we expect to see published by NVD. We define this as the number published between New Year’s Day in 2023 to New Year’s Eve 2023, which is not the same as CVE’s that begin with 2023 as an identifier.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/announce/20231114">VulnCon 2024 - Call for Papers!</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2024-01-09T16:00:00+00:00">Tue, 09 Jan 2024 16:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>WHEN: Monday, March 25 through Wednesday, March 27, 2024. </p> <p>LOCATION North Carolina State University, McKimmon Center 1101 Gorman Street Raleigh, NC, 27606</p> <p>We are seeking individuals to submit abstracts for talks, panels, birds-of-a-feather sessions. Any interested persons can submit no later than January 31, 2024.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="loa,doa,certificate"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20231222-Is-the-LoA-DoA-for-Routing">Is the LoA DoA for Routing</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-12-22T10:30:00+00:00">Fri, 22 Dec 2023 10:30:00 +0000</p> <div class="p-summary" itemprop="description"><p>Back in the early days of the Internet, when everybody knew everybody, the way that you validated yourself to a Certificate Authority (CA) for an X509 certificate for Secure Sockets Layer (SSL) was to send a fax on company letterhead.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/announce/20231128">Event Opportunities in 2024 &amp; Last Call for FIRSTCON24 Speakers</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-11-28T00:00:00+00:00">Tue, 28 Nov 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Are you interested in getting involved in FIRST’s 2024 events? If so, take special note of the details and dates below. </p> <p>This digest covers… </p> <ul> <li> <p>FIRSTCON24 Call for Speakers and Trainings Closing This Month </p> </li> <li> <p>2024 Events Speaking and Sponsorship Opportunities </p> </li> <li> <p>2024 Events Save the Date Information </p> </li> </ul></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="vulnerability,forecasting"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20231121-The-rising-tide-of-vulnerabilities">The rising tide of vulnerabilities…might be more predictable than you think.</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-11-22T18:00:00+00:00">Wed, 22 Nov 2023 18:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Over two days in late September, attack surface management teams, incident responders, data scientists, and vulnerability management practitioners gathered in Cardiff, Wales.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/announce/20231109">Save the Date for VulnCon 2024!</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-11-09T00:00:00+00:00">Thu, 09 Nov 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Focused on the Global Vulnerability Management Ecosystem, attendees will have the opportunity to advance the art and science of vulnerability management with industry leaders.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="CVSS"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20231101">FIRST has officially published the latest version of the Common Vulnerability Scoring System (CVSS v4.0)</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-11-01T17:00:00+00:00">Wed, 01 Nov 2023 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In June 2023, attendees at the 35th Annual FIRST Conference, in Montréal, Canada got a first-look preview of the new version of the Common Vulnerability Scoring System (CVSS), version 4.0. After two month of public comment followed by two months of addressing those comments, FIRST is proud to announce the official publication of CVSS version 4.0.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202310">FIRST POST: Oct-Dec 2023</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-10-18T00:00:00+00:00">Wed, 18 Oct 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Message from the Chair; CVSS v4.0 is now available; The Board in Oslo; Migrating to the new FIRST SSO; SIGs; On the Road to Fukuoka / Call for presentations; New Teams Members: August, September, October; Upcoming Events</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20230901">New Cyber Security Conference Announced For 2024</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-09-01T00:00:00+00:00">Fri, 01 Sep 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Open CSIRT Foundation and FIRST join forces to bring European cyber security experts together in Spain </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Incident,Response,Podcasts"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://blog.feedspot.com/incident_response_podcasts/">FIRST Impressions Podcast featured in Feedspot Top 10 Incident Response Podcasts</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-08-28T00:00:00+00:00">Mon, 28 Aug 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST Impressions Podcast has been selected as one of the Top 10 Incident Response Podcasts on the web.</p> <p>The FIRST Impressions podcast brings you regularly scheduled content focused on discussions from across the incident response and security spectrum. Hosted by Chris John Riley and Martin McKeay, new episodes released first Friday of the month!</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202307">FIRST POST: Jul-Sep 2023</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-07-18T00:00:00+00:00">Tue, 18 Jul 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Message from the Chair; Conference Roundup; Special Interest Groups; Weekend Training; Training on DNS Prevention, Detection, Disruption and Defense; Diversity and Inclusion; New Board Member Introduction; M3AAWG 58 Meeting; 36th Annual FIRST Conference to take place June 9-14, 2024 in Fukuoka, Japan; New Members; Standards; Communications; Upcoming Events.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20230713">New Common Vulnerability Scoring System (CVSS) set to be cyber sector game-changer </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-07-13T00:00:00+00:00">Thu, 13 Jul 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The latest tool will be critical to properly assess and prioritize dealing with vulnerabilities and prepare defences against cyber-attacks.<br> Critical CVSS 4.0 will also allow consumers to assess real-time threats.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20230608">FIRST appoints new chair as organization continues to grow globally</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-06-08T13:00:00+00:00">Thu, 08 Jun 2023 13:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST’s AGM took place during the 35th Annual Conference in Montréal, Canada at the start of June 2023. Senior cybersecurity expert Tracy Bills, CERT/CC was elected to lead FIRST’s Board of Directors with the organization’s leadership team further strengthened with the appointment of Carlos Alvarez from ICANN to the Board.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Statement,Diversity,Inclusion"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/about/policies/diversity">Statement on Diversity &amp; Inclusion</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-05-24T00:00:00+00:00">Wed, 24 May 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p><em>(v1. Approved by FIRST Board 05-17-2023)</em> <br></p> <p>At FIRST, we believe that diversity is essential to achieving our missions of global cooperation and shared language. We embrace diversity in all its forms, reflecting the global and diverse membership of FIRST.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/post/202305">FIRST POST: May-Jun 2023</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-05-12T17:00:00+00:00">Fri, 12 May 2023 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>SIG updates: Human Factors in Security (HFS-SIG), EPSS SIG, SecLounge SIG; Remembering Andrew Cormack - by Serge Droz; Profile Deactivation on FIRST Portal; Board in Tokyo; Team Profiling - RWANDA NATIONAL CSIRT; Suguru Yamaguchi Fellowship Program; and New Teams.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Human,Factors,Security"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20230505-123456-again">123456 again?! Why aren't we learning to address the human factor more successfully?</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-05-05T00:00:00+00:00">Fri, 05 May 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>People have become the main driver for breaches but the human factors remain insufficiently addressed in the IT security sector. We are working on changing that.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="DNS,Matrix,Security"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20230228-DNS_Abuse_Techniques_Matrix">DNS Abuse Techniques Matrix</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-03-01T00:00:00+00:00">Wed, 01 Mar 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The DNS Abuse SIG is very pleased to announce the publication of the DNS Abuse Techniques Matrix, the work of many months and a great number of people from various parts of the security and DNS worlds.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20230224">FIRST - Global Incident Response &amp; Security Team organization to hold 35th Conference in Canada in June</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-02-24T00:00:00+00:00">Fri, 24 Feb 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The Forum of Incident Response and Security Teams (FIRST) plans to hold its 35th Annual Conference with the theme ‘Empowering Communities,’ in Montreal, Quebec, Canada, from June 4 to 9, 2023. This six-day event brings the incident prevention community together with cyber security experts to foster information sharing, cooperation, and coordination. Typically, over 1,000 people from around the world attend. </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Regional,Symposium,Cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20230223_long_time_no_see">Long Time No See!</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-02-23T00:00:00+00:00">Thu, 23 Feb 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>"Long time no see!” was the most popular phrase at the TF-CSIRT – FIRST Regional Symposium in Bilbao, Spain. And it has been a long time indeed – last time we met all together was in Malaga in 2020. We had some virtual events in the meantime, but it was certainly nice to see old faces and meet new colleagues in real life. The first joint post-pandemic event took place from 30th of January to 2nd of February, kindly hosted by the Basque Cybersecurity Centre.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Symposium; TC; Malware; Anti-Abuse; "> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_Jan_Mar_2023.pdf">FIRST POST: January - March 2023</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2023-01-18T00:00:00+00:00">Wed, 18 Jan 2023 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Upcoming Events - Bilbao, Kigali, Amsterdam; TF-CSIRT Meeting &amp; 2023 FIRST Regional Symposium Europe; 2023 FIRST &amp; AfricaCERT Symposium: Africa and Arab Regions; Date for your Diaries - Amsterdam 2023 FIRST Technical Colloquium, April 17-19; Chair Sherif Hashem and Board Member Michael Hausding participate in the FIRST &amp; ITU-ARCC Regional Symposium for Africa and Arab Regions; First 100 days on the FIRST board; Are you interested in becoming a future board member?; Be a FIRST trainer! David Rüfenacht, Senior Threat Intelligence Analyst, provides a first-hand account; Special Interest Groups Update; Messaging Malware and Mobile Anti-Abuse Working Group (M3AAWG) and Forum of Incident Response and Security Teams (FIRST) Join Forces to Address Global Internet and Security Issues; Twenty More Members Join FIRST; </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20221219">Messaging Malware and Mobile Anti-Abuse Working Group (M3AAWG) and Forum of Incident Response and Security Teams (FIRST) Join Forces to Address Global Internet and Security Issues</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-12-19T13:00:00+00:00">Mon, 19 Dec 2022 13:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The Messaging Malware and Mobile Anti-Abuse Working Group (M3AAWG) and Forum of Incident Response and Security Teams (FIRST) announced today they will work together to combat growing Internet abuse and cybersecurity issues. </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Cybersecurity,DNS Abuse"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20221027_ICANN_was_a_massive_success_in_getting_the_word_out_about_DNS_Abuse_and_FIRST">ICANN was a massive success in getting the word out about DNS Abuse and FIRST</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-10-27T00:00:00+00:00">Thu, 27 Oct 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>In September, ICANN invited me to talk about DNS Abuse at the ICANN75 AGM in Kuala Lumpur, Malaysia. It was a great success! My presentation ‘The Challenge of Defining DNS Abuse’ was well received, and many attending industry specialists asked good questions, especially about FIRST's work. I made many valuable connections, including people from ICANN, the DNS Abuse Institute, registries, registrars, CERTs, commercial companies, government organizations, and many more.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="TLP,chair,board,Cyber Diplomacy,SIG"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_oct_dec_2022.pdf">FIRST POST: October - December 2022</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-10-24T00:00:00+00:00">Mon, 24 Oct 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Traffic Light Protocol Version 2.0 is Now Available; FIRST delivers training in Uganda, and the Western Balkans; Peter Lowe speaks about DNS Abuse at ICANN75 AGM in Kuala Lumpur; FIRST Chair Sherif Hashem participates in the Cyber Diplomacy and Norms panel at The Second Community of African Cyber Experts; The World Opens - FIRST Events Round Up; Special Interest Groups Update and New NETSEC SIG Formed; The Board meets in Davos; Board of Directors Organization and Roles for 2022/23; Twenty new members join FIRST</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Cybersecurity,incident response"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220805_building_a_trusted_and_cyber_secure_europe">Building a trusted and Cyber Secure Europe</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-08-05T00:00:00+00:00">Fri, 05 Aug 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The European Union Agency for Cybersecurity is dedicated to achieving a high common level of cybersecurity across Europe. For more than 15 years, ENISA has played a key role in enabling digital trust and security across Europe, together with its stakeholders including the Member States and EU bodies and agencies.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="TLP "> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220805">FIRST Releases Traffic Light Protocol Version 2.0 with important updates</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-08-05T00:00:00+00:00">Fri, 05 Aug 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The Forum of Incident Response and Security Team (FIRST) has updated the globally renowned Traffic Light Protocol (TLP) for the cybersecurity industry - a vital system used by organizations all around the world to share sensitive information. The new version of the TLP results from a thorough consultation with over 50 security industry experts over three years with the goals to standardize, unify and modernize the content and language and provide improved supporting materials.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="ransomware,ransom,attack"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220729_Average_ransom_payment">Average Ransom Payment Up 71% This Year, Approaches $1 Million</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-29T00:00:00+00:00">Fri, 29 Jul 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>With the recent release of the 2022 Unit 42 Ransomware Threat Report, we thought it would be a good time to take a quick look at ransomware activity that we’ve seen so far in 2022.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject=" Conference,board,director,annual report,new members"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_July_sept_2022.pdf">FIRST POST: July - September 2022</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-28T00:00:00+00:00">Thu, 28 Jul 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Annual FIRST Conference in Dublin, the Republic of Ireland, is a triumph; Dr. Sherif Hashem is the new Chair of FIRST, and four new members join the FIRST Board of Directors; Four new additions to the FIRST Board of Directors; The FIRST 2021-22 Annual Report is now available; FIRST adds a New Director of Community and Capacity Building to the team; 34 new members join FIRST; </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Security,SOAR,Attack"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220722_SOARs_vs_No-Code_Security_Automation_The_Case_for_Both">SOARs vs. No-Code Security Automation: The Case for Both</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-22T00:00:00+00:00">Fri, 22 Jul 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Just a few years ago, security orchestration, automation and response (SOAR) was the new buzzword associated with security modernization. Today, however, SOAR platforms are increasingly assuming a legacy look and feel. Although SOARs still have their place in a modern SecOps strategy, the key to driving SecOps forward today is no-code security automation. Read on to learn what lightweight security automation means, how it compares to SOAR and why SOARs alone won’t help you stay ahead of today’s security threats.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220721">Is true multi-stakeholderism failing? FIRST fears so.</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-21T13:00:00+00:00">Thu, 21 Jul 2022 13:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Last week FIRST learned that it is among a large group of organizations that were rejected from participating in the Open ended Working Group (OEWG) process, despite the groups expressed commitment to work with non-governmental organizations.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220720">Dr. Sherif Hashem is the new Chair of FIRST, and four new members join the Board of Directors</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-20T13:00:00+00:00">Wed, 20 Jul 2022 13:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>A new Chair and four new cyber security experts joined the Forum of Incident Response and Security Team (FIRST) Board of Directors during the recent AGM to serve the 2022-24 term. Current board member Dr. Sherif Hashem was voted in as the new chair and brings extensive knowledge, experience, and international relations to the role.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Security Analytics,incident response,Attack"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220715_I_Want_the_Needle_and_the_Haystack_YARA_Security_Analytics_for_Incident_Response">I Want the Needle and the Haystack: YARA + Security Analytics for Incident Response</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-15T00:00:00+00:00">Fri, 15 Jul 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>I want the needle, and the haystack to go along with it. Attackers take advantage of siloed data and security tools to exploit systems using misconfigurations and move laterally. This lateral movement across different attack surfaces has attackers flowing between the control plane and data plane of your environment to escalate privileges and seek out targeted access.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220701">Cybersecurity Defenders United in Global Fight Against Cyber Threats </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-07-01T00:00:00+00:00">Fri, 01 Jul 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Over the past five days, 1,000 specialists representing six continents united in the cyber-crime fight at the Forum of Incident Response and Security Teams (FIRST) conference in Dublin, Ireland</p> <p>From how Ukraine is dealing with cyber attacks against its critical infrastructure, to the rapidly growing access to online child sexual abuse material and the sophisticated approaches to ransomware, phishing, and online fraud as well discussing cooperation with the United Nations and with INTERPOL and law enforcement– no stone was left unturned for delegates working together to protect societies world-wide</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220620">Leading Computer Security Experts to Gather in Dublin for Critical Discussions at World-Renowned Conference</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-06-20T00:00:00+00:00">Mon, 20 Jun 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Over 1,000 specialists representing six continents to participate in the Forum of Incident Response and Security Teams (FIRST) five-day program in Ireland</p> <p>Google’s Maddie Stone addresses the 0-day cyber-attack in-the-wild and how combating the unknown can help future online defense</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="DNS,Abuse,Policy,stakeholders"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220519_The_Challenge_of_Defining_DNS_Abuse">The Challenge of Defining DNS Abuse</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-05-19T13:00:00+00:00">Thu, 19 May 2022 13:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>DNS Abuse is a pretty widely used term. On the surface, it might seem like a simple term that's easily understood. But when you look more closely, the definition depends on your perception of the issue—and can be defined both broadly, or more narrowly.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Technical Colloquium,Netherlands,Amsterdam,collaboration"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220428_Chris_Gibson_TC_Netherlands">FIRST Technical Colloquium in the Netherlands – sees global experts converge in Amsterdam to share knowledge and inspire collaborations</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-04-28T01:00:00+00:00">Thu, 28 Apr 2022 01:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>I had the absolute pleasure of participating in and attending the recent FIRST Technical Colloquium at the W Hotel in Amsterdam, Netherlands, April 12–14. It was great to see nearly 100 people attend and over 50 people participating in training at this long-awaited in-person event. The program featured 17 speakers and two on-site trainers who held several popular workshops.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="New Director,Technical Colloquia,Symposiums,Annual Conference,Hall of Fame,Mentorship Program"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_April_Jun_2022.pdf">FIRST POST: April-June 2022</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-04-25T00:00:00+00:00">Mon, 25 Apr 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>New Director of IT &amp; Security role to bolster FIRST’s Business Plan; Upcoming Technical Colloquia, Symposiums, and Annual Conference; Last chance to nominate individuals or teams for the Incident Response Hall of Fame; FIRST contributes to important global policy and governance discussions; Mentors sought for new FIRST Mentorship Program; Eleven more member teams join FIRST; FIRST Infrastructure Updates - New Application Process</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/news/20220401">2022 Call for Nominations for the FIRST Board of Directors</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-04-01T00:00:00+00:00">Fri, 01 Apr 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Each year, the FIRST membership elects five individuals to the FIRST board of directors.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220325">Teams suspension from FIRST </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-03-25T00:00:00+00:00">Fri, 25 Mar 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The Board of Directors strongly believes that FIRST should be an inclusive organization with broad global participation and collaboration to make the internet safe for everyone. </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="CSIRT,FIRST,collaboration"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220224_GGE">Keep CSIRTs out of the lines of fire</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-02-24T16:00:00+00:00">Thu, 24 Feb 2022 16:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST encourages states to not attack CSIRTs and critical infrastructure</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20220223">Cybersecurity Nonprofits Form “Nonprofit Cyber” Coalition</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-02-23T00:00:00+00:00">Wed, 23 Feb 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Nonprofits that focus on action and tangible results to more effectively collaborate and coordinate to increase efficiency and impact globally</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Special Interest Groups events Annual Conference member"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_Jan-Mar2022.pdf">FIRST POST: January-March 2022</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-02-03T00:00:00+00:00">Thu, 03 Feb 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Three new Special Interest Groups created by FIRST members; FIRST partcipates in several important UN actvites; 19 events organized in 2021 - registraton opens for FIRST Annual Conference in 2022; Twelve more member teams join FIRST</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="https://www.theregister.com/2022/01/19/twitter_cvss_vulnerabilites/">Need to prioritize security bug patches? Don't forget to scan Twitter as well as use CVSS scores</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-01-19T21:22:00+00:00">Wed, 19 Jan 2022 21:22:00 +0000</p> <div class="p-summary" itemprop="description"><p>Organizations looking to minimize exposure to exploitable software should scan Twitter for mentions of security bugs as well as use the Common Vulnerability Scoring System or CVSS, Kenna Security argues.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20220105-Automation_SIG_A_New_SIG_Adventure">Automation SIG: A New SIG Adventure</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2022-01-05T00:00:00+00:00">Wed, 05 Jan 2022 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Every incident response team globally is facing a serious increase of workload. As attackers scan and penetrate networks via automation, so must defenders look at automation.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20211129-meeting_person_first_oslo_technical_colloquium">Meeting in person at the FIRST Oslo Technical Colloquium</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-12-07T17:00:00+00:00">Tue, 07 Dec 2021 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Last month, I was honored to be one of the planners and participants of the FIRST Technical Colloquium (TC) in Norway. Organized by FIRST members, the event was held just outside of Oslo at the Telenor Expo, Telenor headquarters in Fornebu.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="colloquiua events Board Empowering Cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_Sep2021.pdf">FIRST POST: September 2021</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-09-28T00:00:00+00:00">Tue, 28 Sep 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Norwegian members of FIRST to host a technical colloquium in Oslo in November; More FIRST events to add to your calendar; The FIRST Board of Directors meets across two continents to build our two-year business plan; Empowering Women in Cybersecurity: ITU, FIRST, and EQUALS Global Mentorship Pilot Program concludes; 16 more member teams join FIRST; </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Threat hunting,APT"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210802-Threat_hunting_an_outdated_technique_or_a_tactical_advantage">Threat hunting: an outdated technique or a tactical advantage?</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-08-02T00:00:00+00:00">Mon, 02 Aug 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="velociraptor,printNightmare"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210726-Velociraptor_vs_PrintNightmare">Velociraptor vs. PrintNightmare</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-26T00:00:00+00:00">Mon, 26 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Hunting a Zero day!</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Secureworks,cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210719-Ongoing_campaign_leveraging_Exchange_vulnerability_potentially_linked_to_Iran">Ongoing campaign leveraging Exchange vulnerability potentially linked to Iran</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-19T00:00:00+00:00">Mon, 19 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="Threat intelligence,cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210712-Industry_Peers_Are_the_Path_Towards_a_Collective_Defense">Industry Peers Are the Path Towards a Collective Defense</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-12T00:00:00+00:00">Mon, 12 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="chair board"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20210708">FIRST appoints new Chair Dave Schwartzburg and welcomes five new Board of Directors</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-08T00:00:00+00:00">Thu, 08 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Alexander Jäger, Senior Security Engineer of Google, continues in his role as Chief Financial Officer</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_Jun2021.pdf">FIRST POST: June - August 2021</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-08T00:00:00+00:00">Thu, 08 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Did you miss our Virtual 33rd FIRST Annual Conference?; ICASI integrates into FIRST PSIRT SIG, bolstering the incident response and security team industry; FIRST Welcomes a new Chair and Five New Board of Directors; FIRST publishes its fifth Annual Reportt; A new fellowship team joins FIRST - Malawi CERT; Jeffrey Carpenter and Dan Kaminsky newly inducted into FIRST’s Incident Response Hall of Fame; FIRST membership continues to grow - we’re now at 575 members from 98 countries.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20210630">Jeffrey Carpenter and Dan Kaminsky newly inducted into FIRST's Incident Response Hall of Fame </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-07-01T00:00:00+00:00">Thu, 01 Jul 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Jeffrey and Dan join past inductees Ian Cook, Don Stikvoort, and Klaus-Peter Kossakowski </p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20210611">FIRST releases its 2020-21 Annual Report</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-06-14T00:00:00+00:00">Mon, 14 Jun 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST published its fifth Annual Report which covers the organization’s accomplishments towards its vision of bringing together incident response and security teams from every country across the world to ensure a safe internet for all. The report is available at <a href="https://www.first.org/about/reports/FIRST-Annual-Report-2020-2021.pdf">FIRST Annual Report 2020-2021</a>.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="ICASI,PSIRT SIG"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20210601">ICASI integrates into FIRST PSIRT SIG bolstering the incident response and security team industry</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-06-01T13:00:00+00:00">Tue, 01 Jun 2021 13:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>ICASI – the Industry Consortium for Advancement of Security on the Internet was officially integrated into the Forum of Incident Response and Security Teams (FIRST) on May 28, 2021. Established in 2008, ICASI’s purpose was to strengthen the global security landscape by driving excellence and innovation in security response practices; facilitating collaboration among members to analyze, mitigate, and resolve multi-stakeholder, global security challenges. This role will continue but as part of the existing FIRST PSIRT SIG, expand and improve the community’s ability to respond to vulnerabilities across multiple vendors. Founded in 1990, FIRST is the global leader in incident response.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsletter,cybersecurity,conference,virtual"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_POST_Mar2021.pdf">FIRST POST: March 2021</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-03-31T00:00:00+00:00">Wed, 31 Mar 2021 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>33rd FIRST Annual Conference: Crossing Uncertain Times; Mark your calendars: FIRST reveals 2021 events calendar; FIRST welcomes its 97th country and member 562: Benin bjCSIRT; FIRST, ITU and Equals launches Women in Cyber Mentorship Program for Arab and Africa Regions; Get your nominations in for the third edition of The Incident Response Hall of Fame; New Podcast - FIRST Impressions - is launched!</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="conference,cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210118-Thank_You_FIRST_Community_for_Helping_Team_Cymru">Thank You FIRST Community for Helping Team Cymru Reach a New CSIRT Assistance Program Milestone</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-01-28T17:00:00+00:00">Thu, 28 Jan 2021 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Together, We’re Creating Better Threat Intelligence Sharing for the World</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="conference,ransomware"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210111-Preparing_for_Post-Intrusion_Ransomware">Preparing for Post-Intrusion Ransomware</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-01-11T17:00:00+00:00">Mon, 11 Jan 2021 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>This evolving and brutally effective threat can have a significant impact on an organization’s resources, finances, and reputation, but it can be stopped</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="clustering,file similarity,ioc,similarity,tactical intelligence,threat campaigns,threat context,threat intelligence"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20210104-Using_similarity_to_expand_context_and_map_out_threat_campaigns">Using similarity to expand context and map out threat campaigns</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2021-01-04T17:00:00+00:00">Mon, 04 Jan 2021 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Cyber Threat Intelligence (CTI) practitioners can gain insight into adversary operations by tracking conflicts or geopolitical tensions. Similar to a “follow the money” approach in criminal investigations, looking at conflict zones can reveal cyber capabilities deployed as part of events —either by the parties to the conflict itself, or third parties interested in monitoring events for their own purposes.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="conference,cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20201221-Forecasting_All_for_One_and_One_for_All_in_Cybersecurity">Forecasting: All for One and One for All in Cybersecurity</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-12-21T17:00:00+00:00">Mon, 21 Dec 2020 17:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsletter,cybersecurity,conference,virtual"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_Dec2020.pdf">FIRST POST: December 2020</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-12-21T00:00:00+00:00">Mon, 21 Dec 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Over 2500 Cybersecurity Professionals Participate In 32nd FIRST Annual Conference - Where Defenders Share. 2021 33rd Annual Conference Theme And Call For Papers. 2020 FIRST Virtual Symposium For Africa And The Arab Region - Supporting The Effectiveness Of Incident Response Within Africa. Ian Cook And Don Stikvoort Receive Joint Honors In The Incident Response Hall Of Fame Awards. New Code Of Ethics Launched On Global Ethics Day. FIRST Partners With Itu And Equals Global Partnership To Empower Women In Cybersecurity. FIRST To Contribute To Itu National Cybersecurity Strategy Guide. Mou Signed Between First And Ocf To Advance Membership Of Incident Responders And Security Teams Across The Globe. Reminder - 2021 First Membership Renewal.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="conference,cyber,threat,inteligence"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20201214-Current_Events_to_Widespread_Campaigns">Current Events to Widespread Campaigns: Pivoting from Samples to Identify Activity</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-12-14T17:00:00+00:00">Mon, 14 Dec 2020 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Cyber Threat Intelligence (CTI) practitioners can gain insight into adversary operations by tracking conflicts or geopolitical tensions. Similar to a “follow the money” approach in criminal investigations, looking at conflict zones can reveal cyber capabilities deployed as part of events —either by the parties to the conflict itself, or third parties interested in monitoring events for their own purposes.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="conference,cybersecurity"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20201207-Pay2Key">Pay2Key – The Plot Thickens</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-12-07T17:00:00+00:00">Mon, 07 Dec 2020 17:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Last weekend we issued a ransomware alert about a wave of attacks using a never-seen-before strain dubbed ‘Pay2Key.’ Our investigation suggested the ransomware operators were mostly targeting Israeli companies. The ransomware used in the attacks spread rapidly across victims’ networks, leaving significant parts of the network encrypted along with a ransom note, threatening to leak stolen corporate data unless the ransom is paid.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20201118">CSIRTs: Al pie del canón</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-11-18T00:00:00+00:00">Wed, 18 Nov 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Los equipos de respuesta a incidentes de seguridad necieron tras el considerado primer gran ciberataque mundial, provocado por el 'virus Moris', en 1988.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20201113">FIRST sees over 1600 cybersecurity professionals from 97 countries sign up for 32nd Annual Conference</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-11-13T00:00:00+00:00">Fri, 13 Nov 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Virtual Conference to take place November 16-18 2020</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20201021">FIRST launches new code of ethics for incident response and security teams on Global Ethics Day</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-10-21T00:00:00+00:00">Wed, 21 Oct 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p><strong>October 21, 2020</strong> – following a global consultation, the Forum of Incident Response and Security Teams (FIRST) is launching new ethics guidelines for incident response and security teams today on Global Ethics Day. ethicsfIRST provides guidance for cybersecurity professionals on how to conduct themselves professionally and ethically during incidents. Inspired by Earth Day, Global Ethics Day provides an opportunity for organizations to explore the meaning of ethics in international affairs</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsletter,fellowship,members,events,metrics,portal"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_autumn_2020.pdf">FIRST POST: Autumn 2020</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-09-24T00:00:00+00:00">Thu, 24 Sep 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>2020-2022 Board Announced. Welcoming a new board member – Shawn Richardson. FIRST reveals its new Vision and Mission. FIRST 32nd Annual Conference – Virtual Edition. Tips on how to publish your ideas in peer-reviewed journals. Code of Conduct – A Reminder. Infrastructure update. Have you read our new Annual Report yet?</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20200923">FIRST jointly honors Ian Cook and Don Stikvoort in The Incident Response Hall of Fame awards</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-09-23T00:00:00+00:00">Wed, 23 Sep 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The awards celebrate outstanding contribution to the Incident Response community and cyber security</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/news/20200730">Results of the 2020 FIRST Board of Directors</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-07-30T00:00:00+00:00">Thu, 30 Jul 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The results of the 2020 FIRST Board of Directors election follow:</p> <ul> <li>Alexander Jaeger (Google IRT) </li> <li>Serge Droz (Liaison,Proton-CERT) </li> <li>Dave Schwartzburg (Cisco Systems) </li> <li>Javier Berciano (Liaison,One eSecurity) </li> <li>Shawn Richardson (NVIDIA) </li> </ul> <p>The full board list can be found <a href="https://www.first.org/about/organization/directors">here</a>. Thank you to all of the candidates who ran in the election.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20200727">FIRST releases its 2019-20 Annual Report </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-07-27T00:00:00+00:00">Mon, 27 Jul 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p><strong>July 27th, 2020</strong> - The Forum of Incident Response and Security Teams (FIRST) is proud to publish its fourth Annual Report today. The report details the organization’s achievements towards building a mature global incident response community. It covers the period between the 2019 conference in Edinburgh, Scotland and July 2020. <a href="https://www.first.org/about/reports/FIRST-Annual-Report-2019-2020.pdf">FIRST Annual Report 2019-2020</a></p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsletter,fellowship,members,events,metrics,portal"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_summer_2020.pdf">FIRST POST: Summer 2020</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-07-06T00:00:00+00:00">Mon, 06 Jul 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>2020 Agm &amp; Election. 2020 Conference update and impact of Covid-19. First 2020 CTI Symposium in Switzerland moved online. First to Review the Traffic Light Protocol standard to increase global adoption. First updates coordination principles for Multi-Party Vulnerability Coordination and Disclosure. First and Mitre Engenuity partner to expand The Global Understanding of Adversary Behaviors. More new partnerships forged to make the internet safe for everyone. Virtual site visits currently available for new applicants. Critical VPN vulnerabilities show the need for proactive risk scanning. ISO and standards update. New breach workshop materials available. A new initiative to build trust. First infrastructure update Portal &amp; SSO.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="membership,application"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/membership/updates-202004">FIRST Membership Application updated to enable virtual site visit</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-06-04T20:00:00+00:00">Thu, 04 Jun 2020 20:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>FIRST suspended the requirement for a physical site visit for applying members until further notice. Sponsoring teams may conduct a virtual site visit.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="first,community,ethics,cvd"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/blog/20200518_Ethics_Responsibilities_Vulnerabilities">Ethics, Responsibilities, Vulnerabilities</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-05-18T15:00:00+00:00">Mon, 18 May 2020 15:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Coordinated Vulnerability Disclosure is hard: Here is what to do about it.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20200513">FIRST aims to update the Traffic Light Protocol standard to increase global adoption</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-05-13T00:00:00+00:00">Wed, 13 May 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20200505">FIRST updates coordination principles for Multi-Party Vulnerability Coordination and Disclosure</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-05-06T00:00:00+00:00">Wed, 06 May 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsletter,fellowship,members,events,metrics"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_spring_2020.pdf">FIRST POST: Spring 2020</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-04-08T00:00:00+00:00">Wed, 08 Apr 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Málaga Hosts the first European Symposium and Tf-Csirt Meeting for Global Security Experts. FIRST participates in the un’s Development of Cyber Norms. FIRST Technical Colloquium - Ljubljana, Slovenia. FIRST releases updated computer security incident response team (CSIRT) Services Framework – Version 2.1. SPECIAL RECOGNITIONS – Member Awarded Order Of Three Stars In Latvia. Raising awareness of FIRST. First Infrastructure Update - Member Portal &amp; Identity Project. Annual Conference and Annual General Meeting update</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20200312">FIRST releases updated Computer Security Incident Response Team (CSIRT) Services Framework – Version 2.1 </a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-03-12T00:00:00+00:00">Thu, 12 Mar 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsletter,fellowship,members,events,metrics"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/FIRST_Dec2019.pdf">FIRST POST: Winter 2019/2020</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2020-01-02T00:00:00+00:00">Thu, 02 Jan 2020 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Internet Hall Of Fame inducts the late Suguru Yamaguchi. FIRST launches Women In Cybersecurity Initiative. FIRST Metrics SIG Webinar series re-launched. FIRST Infrastructure Update. “Insure” you participate in this call. A warm welcome to our 500^th member - Versia. Improving Security Together.</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article" data-subject="newsroom,press release"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/releases/20191219">FIRST released ethics guidelines to deepen trust among incident response teams</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2019-12-19T00:00:00+00:00">Thu, 19 Dec 2019 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>Calling for public consultation until end of January, 2020</p></div> </article> <article class="h-entry search-item visible" itemscope itemtype="http://schema.org/Article"> <h3 class="p-name" itemprop="name"><a class="p-url" itemprop="url" href="/newsroom/newsletters/trusting-infrastructure.pdf">Trusting Infrastructure</a></h3> <p class="dt-published" itemprop="datePublished" datetime="2019-12-02T00:00:00+00:00">Mon, 02 Dec 2019 00:00:00 +0000</p> <div class="p-summary" itemprop="description"><p>The Emergence of Computer Security Incident Response, 1989–2005, by Rebecca Slayton and Brian Clarke (available in PDF).</p></div> </article> </div> <ul class="years page-control"> <li><a href="/newsroom/news/2025">2025</a></li> <li><a href="/newsroom/news/2024">2024</a></li> <li><a href="/newsroom/news/2023">2023</a></li> <li><a href="/newsroom/news/2022">2022</a></li> <li><a href="/newsroom/news/2021">2021</a></li> <li><a href="/newsroom/news/2020">2020</a></li> <li><a href="/newsroom/news/2019">2019</a></li> <li><a href="/newsroom/news/2018">2018</a></li> <li><a href="/newsroom/news/2017">2017</a></li> <li><a href="/newsroom/news/2016">2016</a></li> <li><a href="/newsroom/news/2015">2015</a></li> <li><a href="/newsroom/news/2014">2014</a></li> <li><a href="/newsroom/news/2013">2013</a></li> <li><a href="/newsroom/news/2012">2012</a></li> <li><a href="/newsroom/news/2011">2011</a></li> <li><a href="/newsroom/news/2010">2010</a></li> <li><a href="/newsroom/news/2009">2009</a></li> <li><a href="/newsroom/news/2008">2008</a></li> <li><a href="/newsroom/news/2007">2007</a></li> <li><a href="/newsroom/news/2006">2006</a></li> <li><a href="/newsroom/news/2005">2005</a></li> <li><a href="/newsroom/news/2004">2004</a></li> <li><a href="/newsroom/news/2002">2002</a></li> </ul></div></div><div id="navbar" data-studio="CU52CV1W8g"><div id="c4" data-studio="Yu8FjCC11g"><ul class="navbar"><li><a href="/about">About FIRST</a><ul><li><a href="/about/mission">Mission Statement</a></li><li><a href="/about/strategy/">Strategy Framework</a></li><li><a href="/about/history">History</a></li><li><a href="/about/sdg">Sustainable Development Goals</a></li><li><a href="/about/organization">Organization</a><ul><li><a href="/about/organization/directors">Board of Directors</a></li><li><a>Operations Team</a><ul><li><a href="/about/organization/ccb">Community &amp; Capacity Building</a></li><li><a href="/about/organization/events">Event Office</a></li><li><a href="/about/organization/executive-director">Executive Director</a></li><li><a href="/about/organization/infrastructure">Infrastructure</a></li><li><a href="/about/organization/secretariat">Secretariat</a></li></ul></li><li><a href="/about/organization/committees">Committees</a><ul><li><a href="/about/organization/committees/compensation-committee">Compensation Committee</a></li><li><a href="/about/organization/committees/conference-program-committee">Conference Program Committee</a></li><li><a href="/about/organization/committees/membership-committee">Membership Committee</a></li><li><a href="/about/organization/committees/rules-committee">Rules Committee</a></li><li><a href="/about/organization/committees/standards">Standards Committee</a></li></ul></li><li><a href="/events/agm">Annual General Meeting</a></li><li><a href="/about/organization/reports">Annual Reports and Tax Filings</a></li></ul></li><li><a href="/about/policies">FIRST Policies</a><ul><li><a href="/about/policies/anti-corruption">Anti-Corruption Policy</a></li><li><a href="/about/policies/antitrust">Antitrust Policy</a></li><li><a href="/about/policies/bylaws">Bylaws</a></li><li><a href="/about/policies/board-duties">Board duties</a></li><li><a href="/about/bugs">Bug Bounty Program</a></li><li><a href="/about/policies/code-of-conduct">Code of Conduct</a></li><li><a href="/about/policies/conflict-policy">Conflict of Interest Policy</a></li><li><a href="/about/policies/doc-rec-retention-policy">Document Record Retention and Destruction Policy</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li><li><a href="/about/policies/gen-event-reg-refund-policy">General Event Registration Refund Policy</a></li><li><a href="/about/policies/event-site-selection">Guidelines for Site Selection for all FIRST events</a></li><li><a href="/identity">Identity &amp; Logo Usage</a></li><li><a href="/about/policies/mailing-list">Mailing List Policy</a></li><li><a href="/about/policies/media">Media Policy</a></li><li><a href="/about/policies/privacy">Privacy Policy</a></li><li><a href="/about/policies/registration-terms-conditions">Registration Terms &amp; Conditions</a></li><li><a href="/about/policies/terms">Services Terms of Use</a></li><li><a href="/about/policies/standards">Standards Policy</a></li><li><a href="/about/policies/diversity">Statement on Diversity &amp; Inclusion</a></li><li><a href="/about/policies/translation-policy">Translation Policy</a></li><li><a href="/about/policies/travel-policy">Travel Policy</a></li><li><a href="/about/policies/uniform-ipr">Uniform IPR Policy</a></li><li><a href="/about/policies/whistleblower-policy">Whistleblower Protection Policy</a></li></ul></li><li><a href="/about/partners">Partnerships</a><ul><li><a href="/global/partners">Partners</a></li><li><a href="/global/friends">Friends of FIRST</a></li><li><a href="/global/supporters/">FIRST Supporters</a></li><li><a href="/about/sponsors">FIRST Sponsors</a></li></ul></li><li><a href="/newsroom">Newsroom</a><ul><li><a href="/newsroom/news">What&#039;s New</a></li><li><a href="/newsroom/releases">Press Releases</a></li><li><a href="/newsroom/news/media">In the News</a></li><li><a href="/podcasts">Podcasts</a><ul><li><a href="/newsroom/news/first-impressions/">FIRST Impressions Podcast</a></li><li><a href="/newsroom/news/podcasts/">FIRSTCON Podcast</a></li></ul></li><li><a href="/newsroom/newsletters">Newsletters</a></li><li><a href="/newsroom/policy">FIRST Press Policy</a></li></ul></li><li><a href="/about/procurement">Procurement</a></li><li><a href="/about/jobs/">Jobs</a></li><li><a href="/contact">Contact</a></li></ul></li></ul></div></div><div id="sidebar" data-studio="CU52CV1W8g"><div id="c5" data-studio="Yu8FjCC11g" class="h3labels orange subbox"><h3 id="Subscribe-via-RSS">Subscribe via RSS</h3> <p>RDF Site Summary (RSS) is a lightweight multipurpose extensible metadata description and syndication format.</p> <p>Subscribe to the <strong>What&#039;s New</strong> using our RSS feed:<br /> <a href="/newsroom/news/rss.xml"><span class="icon-feed"></span> RSS 2.0</a></p></div><div id="c6" data-studio="Yu8FjCC11g"><div id="tag-cloud" data-url="/newsroom/news/"><a href="#abuse" class="l-1">Abuse</a> <a href="#amsterdam" class="l-1">Amsterdam</a> <a href="#annual-conference" class="l-1">Annual Conference</a> <a href="#annual-report" class="l-1">annual report</a> <a href="#application" class="l-1">application</a> <a href="#apt" class="l-1">APT</a> <a href="#attack" class="l0">attack</a> <a href="#board" class="l0">board</a> <a href="#certificate" class="l-1">certificate</a> <a href="#chair" class="l-1">chair</a> <a href="#chair-board" class="l-1">chair board</a> <a href="#clustering" class="l-1">clustering</a> <a href="#collaboration" class="l0">collaboration</a> <a href="#colloquiua-events-board-empowering-cybersecurity" class="l-1">colloquiua events Board Empowering Cybersecurity</a> <a href="#community" class="l-1">community</a> <a href="#conference" class="l3"> Conference</a> <a href="#csirt" class="l-1">CSIRT</a> <a href="#cvd" class="l-1">cvd</a> <a href="#cvss" class="l0">cvss</a> <a href="#cyber" class="l0">cyber</a> <a href="#cyber-diplomacy" class="l-1">Cyber Diplomacy</a> <a href="#cybersecurity" class="l5">Cybersecurity</a> <a href="#director" class="l-1">director</a> <a href="#diversity" class="l-1">Diversity</a> <a href="#dns" class="l0">DNS</a> <a href="#dns-abuse" class="l-1">DNS Abuse</a> <a href="#doa" class="l-1">doa</a> <a href="#ethics" class="l-1">ethics</a> <a href="#events" class="l1">events</a> <a href="#factors" class="l-1">Factors</a> <a href="#fellowship" class="l1">fellowship</a> <a href="#file-similarity" class="l-1">file similarity</a> <a href="#first" class="l0">FIRST</a> <a href="#forecast" class="l2">forecast</a> <a href="#forecasting" class="l-1">forecasting</a> <a href="#framework" class="l-1">Framework</a> <a href="#hall-of-fame" class="l-1">Hall of Fame</a> <a href="#human" class="l-1">Human</a> <a href="#icasi" class="l-1">ICASI</a> <a href="#incident" class="l-1">Incident</a> <a href="#incident-response" class="l0">incident response</a> <a href="#inclusion" class="l-1">Inclusion</a> <a href="#insights" class="l-1">insights</a> <a href="#inteligence" class="l-1">inteligence</a> <a href="#ioc" class="l-1">ioc</a> <a href="#loa" class="l-1">loa</a> <a href="#management" class="l-1">management</a> <a href="#matrix" class="l-1">Matrix</a> <a href="#members" class="l1">members</a> <a href="#membership" class="l-1">membership</a> <a href="#mentorship-program" class="l-1">Mentorship Program</a> <a href="#metrics" class="l1">metrics</a> <a href="#multi-stakeholder" class="l-1">Multi-Stakeholder</a> <a href="#netherlands" class="l-1">Netherlands</a> <a href="#new-director" class="l-1">New Director</a> <a href="#new-members" class="l-1">new members</a> <a href="#newsletter" class="l2">newsletter</a> <a href="#newsroom" class="l-1">newsroom</a> <a href="#planning" class="l-1">planning</a> <a href="#podcasts" class="l-1">Podcasts</a> <a href="#policy" class="l-1">Policy</a> <a href="#portal" class="l0">portal</a> <a href="#press-release" class="l-1">press release</a> <a href="#printnightmare" class="l-1">printNightmare</a> <a href="#psirt-sig" class="l-1">PSIRT SIG</a> <a href="#ransom" class="l-1">ransom</a> <a href="#ransomware" class="l0">Ransomware</a> <a href="#regional" class="l-1">Regional</a> <a href="#response" class="l-1">Response</a> <a href="#secureworks" class="l-1">Secureworks</a> <a href="#security" class="l0">Security</a> <a href="#security-analytics" class="l-1">Security Analytics</a> <a href="#sig" class="l0">SIG</a> <a href="#similarity" class="l-1">similarity</a> <a href="#soar" class="l-1">SOAR</a> <a href="#special-interest-groups-events-annual-conference-member" class="l-1">Special Interest Groups events Annual Conference member</a> <a href="#stakeholders" class="l-1">stakeholders</a> <a href="#statement" class="l-1">Statement</a> <a href="#strategy" class="l-1">Strategy</a> <a href="#symposium" class="l-1">Symposium</a> <a href="#symposium-tc-malware-anti-abuse" class="l-1">Symposium; TC; Malware; Anti-Abuse; </a> <a href="#symposiums" class="l-1">Symposiums</a> <a href="#tactical-intelligence" class="l-1">tactical intelligence</a> <a href="#technical-colloquia" class="l-1">Technical Colloquia</a> <a href="#technical-colloquium" class="l-1">Technical Colloquium</a> <a href="#threat" class="l0">threat</a> <a href="#threat-campaigns" class="l-1">threat campaigns</a> <a href="#threat-context" class="l-1">threat context</a> <a href="#threat-hunting" class="l-1">Threat hunting</a> <a href="#threat-intelligence" class="l0">Threat intelligence</a> <a href="#tlp" class="l0">TLP</a> <a href="#tools" class="l1">tools</a> <a href="#trends" class="l-1">trends</a> <a href="#velociraptor" class="l-1">velociraptor</a> <a href="#virtual" class="l0">virtual</a> <a href="#vulnerabilities" class="l2">vulnerabilities</a> <a href="#vulnerability" class="l0">vulnerability</a> </div></div></div><footer><div id="footer" data-studio="CU52CV1W8g"><div id="c2" data-studio="Yu8FjCC11g"><div class="content"> <div class="support"> <div class="kbsearch bottom"> <p><a href="https://support.first.org"><img src="/_/img/icon-portal_support.svg" alt="FIRST Support" title="FIRST Support" /></a> <input class="kb-search" type="search" placeholder="Do you need help?"></p> </div> </div> <div id="socialnetworks"><a href="/about/sdg" title="FIRST Supported Sustainable Development Goals (SDG)" class="icon-sdg"></a><a rel="me" href="https://bsky.app/profile/first.org" target="_blank" title="BlueSky @first.org" class="icon-bluesky"></a><a rel="me" href="https://infosec.exchange/@firstdotorg" target="_blank" title="@FIRSTdotOrg@infosec.exchange" class="icon-mastodon"></a><a href="https://twitter.com/FIRSTdotOrg" target="_blank" title="Twitter @FIRSTdotOrg" class="icon-tw"></a><a href="https://www.linkedin.com/company/firstdotorg" target="_blank" title="FIRST.Org at LinkedIn" class="icon-linkedin"></a><a href="https://www.facebook.com/FIRSTdotorg" target="_blank" title="FIRST.Org at Facebook" class="icon-fb"></a><a href="https://github.com/FIRSTdotorg" target="_blank" title="FIRST.Org at Github" class="icon-github"></a><a href="https://www.youtube.com/c/FIRSTdotorg" target="_blank" title="FIRST.Org at Youtube" class="icon-youtube"></a><a href="/podcasts" title="FIRST.Org Podcasts" class="icon-podcast"></a></div> <p><a href="/copyright">Copyright</a> © 2015—2025 by Forum of Incident Response and Security Teams, Inc. All Rights Reserved.</p> </div> <p><span class="tlp"></span></p></div></div></footer><script nonce="i97fUEZE0AIpxi3-8hUuiA" async="async" src="/_/web.js?20250331122034"></script><script nonce="i97fUEZE0AIpxi3-8hUuiA" async="async" src="/_/web.js?20250331122034"></script><script nonce="i97fUEZE0AIpxi3-8hUuiA" async="async" src="/_/s.js?20250331-122039"></script></body></html>