- Malware: How Malicious Code Can Run in Microsoft Office Documents
Microsoft Office documents can execute malicious code through VBA macros (requiring social engineering to enable), exploit payloads targeting Office vulnerabilities, embedded Flash objects, or...
- Risk Management: The Risks of Remote Desktop for Access Over the Internet
Exposing RDP to direct Internet connections is risky—beyond credential-guessing opportunities, critical vulnerabilities like CVE-2012-0002 can allow remote code execution without authentication....
- Social Engineering: An Example of SMS Text Phishing
SMS phishing ('smishing') messages impersonate carriers like Verizon to direct victims to credential-harvesting websites using spoofed sender numbers and lookalike domains. Mobile users are...
- Malware: Who Was the First to Use the Term Exfiltration in Cybersecurity?
The term "exfiltration" in cybersecurity—referring to data leaving a compromised network—appears to originate from military terminology about withdrawing troops from dangerous positions. The earliest...
- Incident Response: Some Facts and Conjecture About the VeriSign Data Breach
VeriSign's 2011 SEC filing disclosed a 2010 breach where information was exfiltrated from compromised corporate systems. The APT-style attack characteristics and inability to assess future misuse of...
- Malware: Assigning Descriptive Names to Malware - Why and How?
Security researchers assign descriptive names to high-profile malware based on file names, registry keys, or embedded strings—whoever coins the name that sticks gets bragging rights. Duqu was named...