- Incident Response: Incident Response on 64-Bit Windows Using 32-Bit Tools
Windows' WOW64 File System Redirector transparently redirects 32-bit tools accessing System32 to SysWOW64, causing forensic investigators to examine the wrong files without realizing it. Stick to...
- Incident Response: The Adversarial Cycle of Computer Attacks and Defenses
The adversarial cycle has four phases: Attack (unfettered), Detect (forming response), Defense (attack rendered ineffective), and Mutate (attacker adapts). Defenders shorten Attack/Detect through...
- Incident Response: 9 Reasons for Denial-Of-Service (DoS) Attacks: Why Do They Happen?
DoS attacks happen for many reasons: extortion demands, turf wars between criminal groups, anticompetitive sabotage, punishment for refusing demands, political criticism, training grounds for future...
- Incident Response: Network DDoS Incident Response Cheat Sheet
DDoS response requires preparation before attacks occur: establish ISP contacts, create allowlists of critical source IPs, lower DNS TTLs, and document infrastructure. During attacks, analyze traffic...
- Malware: 5 Events in 2011 That Challenged Online Security and Trust Assumptions
- Tools: Design Information Security With Failure in Mind
Security controls will eventually fail despite best intentions—design architecture to detect suspicious activities early and limit incident scope when breaches occur. Like boats engineered to stay...