incident response
When characterizing ill-effects of malicious software, it's too easy to focus on malware itself, forgetting that behind...
Despite the general agreement that being prepared for an information security incident decreases the pain of dealing with...
Some organizations have encountered Advanced Persistent Threat over 5 years ago—earlier than most of us. Because of the...
This post, published in February 2015, now captures a historical perspective on the term Indicators of Compromise (IOCs),...
I had the pleasure of speaking with Jake Williams, my colleague at SANS Institute, about his perspective on various...
Cybersecurity professionals often use the word exfiltration to refer to the process of data leaving the compromised...
The web is abuzz with stories about the 2010 data breach that VeriSign reported in its Oct 28, 2011, 10-Q statement. The...
Incident responders and forensic investigators need to be careful when using 32-bit tools to examine file system artifacts...
Understanding the dynamics of the actions taken by computer attackers and defenders is tricky, in part because...
Denial of Service attacks (DoS) affect numerous organizations connected to the Internet. They disrupt normal business...