Articles on Malware

• Incident Response Why Organizations Don't Prepare for Information Security Incidents
  Organizations fail to prepare for security incidents not because they're unaware of threats, but because they believe they personally won't be attacked and underestimate the disruptive effects of...
• Training Free Recorded Malware Forensics and Analysis Webcasts
• Risk Management Mutually-Assured Destruction as a Factor in Cyber Warfare
  Since no practical defense exists against nation-state cyber intrusions, countries may need to compromise adversaries' IT assets to establish mutually-assured destruction as a deterrent. Nations with...
• Malware How Malicious Code Can Run in Microsoft Office Documents
  Microsoft Office documents can execute malicious code through VBA macros (requiring social engineering to enable), exploit payloads targeting Office vulnerabilities, embedded Flash objects, or...
• Risk Management The Risks of Remote Desktop for Access Over the Internet
  Exposing RDP to direct Internet connections is risky—beyond credential-guessing opportunities, critical vulnerabilities like CVE-2012-0002 can allow remote code execution without authentication....
• Social Engineering An Example of SMS Text Phishing
  SMS phishing ('smishing') messages impersonate carriers like Verizon to direct victims to credential-harvesting websites using spoofed sender numbers and lookalike domains. Mobile users are...