- Social Engineering Attackers Rely on Social Engineering to Activate Macros in Malicious Documents
Malicious document authors persuade victims to enable macros by claiming the security warning indicates protected content or by providing detailed step-by-step instructions for changing macro...
- Incident Response Speaking at the Forensic Lunch
- Malware Malware: Whom or What Are We Fighting?
Malware is a tool used by people to achieve objectives—security professionals aren't fighting the software itself but the individuals, companies, and nations behind it. Understanding the larger...
- Malware Participating in the Eternal Cycle of Cybersecurity
The fight between cyber attackers and defenders resembles an ecological cycle between predator and prey—the goal is equilibrium, not victory. Being complacent is risky because maintaining balance...
- Malware Researching Scams Helps Understand Human Vulnerabilities
Online scammers exploit predictable human vulnerabilities: starting scams in the physical world, customizing messages with victims' locations, appealing to vanity and self-interest, posing as...
- Encryption How Digital Certificates Are Used and Misused
Digital certificates enable HTTPS communications, software signing, VPNs, and Wi-Fi authentication, but the PKI ecosystem shows weaknesses. Attackers misuse stolen code-signing certificates, CAs...