- Malware: Who Was the First to Use the Term Exfiltration in Cybersecurity?
The term "exfiltration" in cybersecurity—referring to data leaving a compromised network—appears to originate from military terminology about withdrawing troops from dangerous positions. The earliest...
- Incident Response: Some Facts and Conjecture About the VeriSign Data Breach
VeriSign's 2011 SEC filing disclosed a 2010 breach where information was exfiltrated from compromised corporate systems. The APT-style attack characteristics and inability to assess future misuse of...
- Malware: Assigning Descriptive Names to Malware - Why and How?
Security researchers assign descriptive names to high-profile malware based on file names, registry keys, or embedded strings—whoever coins the name that sticks gets bragging rights. Duqu was named...
- Malware: How Antivirus Software Works: 4 Detection Techniques
Antivirus tools use four main detection techniques: signature-based (static fingerprints of known malware), heuristics-based (suspicious characteristics without exact matches), behavioral (observing...
- Malware: Capabilities and Limitations of Enterprise Antimalware Suites
Modern enterprise antimalware suites include traditional AV, spyware and rootkit protection, host firewalls, browser security, email filtering, cloud-based analysis, and centralized management....
- Assessments: Looking for Infected Systems as Part of a Security Assessment
Security assessments often produce predictable results—missing patches—so consider adding malware detection tasks. Techniques include identifying unmanaged systems, analyzing autorun entries for...