- Social Networking When Bots Control Content on Social Networking Sites
Bots on social networks build fake friendships to improve reputation, mimic human profiles to evade detection, and flood discussions with spam to drown out legitimate content. Social networking sites...
- Malware When Malware Distributes Links Through Social Networks
Malware like Koobface spreads on social networks by posting links from compromised accounts—people click because they trust friends' shares. Telling users to stop clicking won't work. Better tools...
- Malware The Worrisome State of the Information Security Industry
The security industry faces fundamental problems: tools don't cater to our needs, vendors misrepresent capabilities, professionals preach to the choir rather than connecting with colleagues, spending...
- Malware Metrics for Measuring Enterprise Malware Defenses
Tracking "infections caught" provides little insight because changes could reflect better detection or just more attacks. More useful metrics include percentage of systems with current AV signatures,...
- Tools Mitigating Attacks on the Web Browser and Add-Ons
Drive-by exploits target vulnerabilities in browsers and add-ons like Java, Adobe Reader, and Flash. Defense involves sandboxing (Chrome, IE, Adobe Reader X), tightening settings via Group Policy,...
- Tools Mitigating Attacks on the User of the Web Browser
Browsers are improving protection against socially-engineered malware. Internet Explorer's SmartScreen includes application reputation tracking—warning users about executables without reputation...