Articles on Malware
- Malware: Disambiguate "Zero-Day" Before Considering Countermeasures. The term "zero-day" can refer to vulnerabilities for which no patch exists, or to malware with no known detection pattern—two distinct threats requiring different countermeasures. Using "zero-day" as...
- Malware: The History of Fileless Malware - Looking Beyond the Buzzword. The term "fileless malware" originated with the Code Red worm in 2001 and initially meant malware that remained solely in memory. It evolved to encompass specimens that avoid placing malicious...
- Cloud: Run Metasploit Framework as a Docker Container Without Installation Pains. Running Metasploit Framework in a Docker container avoids the pain of installing the tool and its dependencies. The approach is especially useful for quickly deploying to a cloud server for...
- Risk Management: Information Security Measures Commensurate With Risky Behavior. Security safeguards could be applied selectively based on users' demonstrated tendency toward risky computer behavior—people whose systems were frequently infected or who clicked simulated phishing...
- Malware: Tunneling Data and Commands Over DNS to Bypass Firewalls. Adversaries can tunnel command and control traffic through DNS queries to bypass firewalls, even when environments restrict outbound DNS to trusted servers. Tools like dnscat2 demonstrate how easily...
- Tools: Generating Domain Name Variations Used in Phishing Attacks. Phishing attackers register domain names similar to targeted organizations using techniques like bitsquatting, homoglyphs, letter repetition, transposition, and typos. Tools like dnstwist and...