Blog

My writing focuses on information security, with topics ranging from broad IT trends to detailed technical advice on malware. Scroll through the posts to see whether my interests overlap with yours. Follow this blog to keep up with my latest publications.

Cybersecurity vs. Everyone

Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn’t become the department of “no”? In the following conversation with Chris Cochran and Ron Eddings at Hacker…

Read more

How to Ask Questions to Succeed with Security Projects

No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don’t want to appear ignorant or don’t know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read…

Read more

How You Can Start Learning Malware Analysis

Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who’s helped thousands of security professionals learn how to analyze malware at SANS Institute, I have a…

Read more

REMnux Tools List for Malware Analysis

REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which…

Read more

Version 7 of the REMnux Distro Is Now Available

10 years after the initial release of REMnux, I’m thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual…

Read more

Unemployment Insurance Fraud and Identity Theft: Up Close and Personal

In June 2020, the Federal Trade Commission (FTC) warned that “imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims.” How do such scams look from the victim’s perspective, and what can you do if you’re affected? As a victim of this…

Read more

How You Can Write Better Threat Reports

Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I’m happy to share what I’ve learned over the…

Read more

Learning Malware Analysis and Cybersecurity Writing Online

You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You’ll like this if you prefer to start, stop, or speed up training any time they…

Read more

How to Set Up a SpiderFoot Server for OSINT Research

SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool’s author, offers a free, open source version of SpiderFoot. His team also provides an affordable…

Read more

What’s It Like for a New CISO?

As of this writing, I’ve spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly growing technology company. Though I’ve held a variety of leadership positions over the years, working in this capacity and setting is new for me. I’ve been capturing aspects of my journey in talks and…

Read more