- Web Security | Researching Malicious Websites: A Few Tips
Malicious sites evade researchers by checking User-Agent and Referer headers, computing redirects via JavaScript, using nonces, and denylisting IPs. Bypass these defenses by faking browser headers,...
- Malware | Analyzing Suspicious PDF Files With PDF Stream Dumper
PDF Stream Dumper is a free Windows tool with GUI for analyzing suspicious PDFs. It scans for known exploits, navigates object structures, decodes streams, and includes a JavaScript interpreter for...
- Malware | Computer Threats Evolve Towards Focused, Nimble Tactics
Modern intrusions increasingly use well-planned, nimble, focused strategies rather than brute-force attacks alone. Attackers study business inner-workings to locate valuable data—scraping card...
- Social Engineering | Attackers Are Attracted to Email Like Flies to Honey
Email contains business plans, credentials, and sensitive data that attackers harvest after compromising systems—either from local PST files or directly from Exchange servers. Mitigations include...
- Malware | More Metrics for Measuring Enterprise Malware Defenses
Additional malware defense metrics to track: where on systems malware was present (indicating which defenses failed), ratio of real-time versus scheduled scan detections, reinfection rates within 3...
- Social Networking | A Quick Look at Defensio for Protecting Facebook Activities
Websense Defensio is a Facebook app that alerts users to spam, malware distribution attempts, and links to undesirable content. Due to Facebook API limitations, it can only alert rather than...