- Malware 4 Steps to Combat Malware Enterprise-Wide: New Article
Treating malware infections as independent events--cleaning up and moving on--doesn't keep pace with evolving attack tactics. Effective enterprise malware defense requires detecting propagation...
- Malware Understanding Computer Attack and Defense Techniques
Modern attacks combine social engineering to bypass technical defenses, client-side exploits targeting browsers and add-ons, web application vulnerabilities like SQL injection, and persistent...
- Incident Response Incorporating Mobile Devices into Enterprise Security
Enterprise security hasn't kept up with consumerization—powerful mobile devices often have VPN access and email but lack mature OS security controls. Organizations need greater network segmentation,...
- Networking Pros and Cons of Virtual Patching to Address Vulnerabilities
Virtual patching blocks attack vectors exploiting vulnerabilities using IPS, WAF, or database security tools—buying time to develop proper fixes. The danger is complacency: organizations with virtual...
- Web Security Researching Malicious Websites: A Few Tips
Malicious sites evade researchers by checking User-Agent and Referer headers, computing redirects via JavaScript, using nonces, and denylisting IPs. Bypass these defenses by faking browser headers,...
- Malware Analyzing Suspicious PDF Files With PDF Stream Dumper
PDF Stream Dumper is a free Windows tool with GUI for analyzing suspicious PDFs. It scans for known exploits, navigates object structures, decodes streams, and includes a JavaScript interpreter for...