- Malware The Use of Social Engineering by Mobile Device Malware
Mobile malware spreads primarily through social engineering rather than exploits. Techniques include disguising trojans as legitimate apps (DroidDream looked like "Super Guitar Solo"), directing...
- Malware Learn Better Security Breach PR from Harold Sun's Halfhearted Apology
Herald Sun's website was compromised to serve rogue antivirus, but their brief apology offered few details and underplayed the risk. Better post-incident communications require promptness, clarity,...
- Malware The Changing Landscape of Malware for Mobile Devices
Mobile malware targets sensitive transactions including banking and two-factor authentication. ZeuS variants intercept SMS authentication codes across Symbian, BlackBerry, Windows Mobile, and...
- Deception Reflections Upon Deception-Based Security Tactics
Deception in defense predates computing, yet each generation of attacker tooling has forced defenders to invent fresh decoys to keep their edge. From WW2 misdirection to today's decoy AI-agent...
- Authentication The Use of Pastebin for Sharing Stolen Data
Attackers use Pastebin for sharing stolen data because it's easy, handles large text, doesn't require registration, and doesn't proactively moderate. Trending pastes often include compromised...
- Social Networking When Bots Use Social Media for Command and Control
Malware authors use social media for command and control because HTTP traffic rarely gets blocked and blends into normal browsing. Examples include banking trojans retrieving instructions from...