Articles on Malware
- Malware: "Disambiguate 'Zero-Day' Before Considering Countermeasures". The term "zero-day" can refer to vulnerabilities for which no patch exists, or to malware with no known detection pattern—two distinct threats requiring different countermeasures. Using "zero-day" as...
- Malware: "The History of Fileless Malware - Looking Beyond the Buzzword". The term "fileless malware" originated with the Code Red worm in 2001 and initially meant malware that remained solely in memory. It evolved to encompass specimens that avoid placing malicious...
- Malware: "How Would You Detect and Impede Ransomware on an Endpoint?". Anti-ransomware tools can detect malicious encryption by flagging processes that read or write too many files too quickly, or by monitoring for changes to files' entropy values. Decoy files that...
- Cloud: "Run Metasploit Framework as a Docker Container Without Installation Pains". Running Metasploit Framework in a Docker container avoids the pain of installing the tool and its dependencies. The approach is especially useful for quickly deploying to a cloud server for...
- Cloud: "How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions". Honeytokens are data or computing resources that exist solely to alert you when someone accesses them, offering intrusion detection with relatively low false positives. The open source Canarytokens...
- Risk Management: "Information Security Measures Commensurate With Risky Behavior". Security safeguards could be applied selectively based on users' demonstrated tendency toward risky computer behavior—people whose systems were frequently infected or who clicked simulated phishing...