- Malware: Capabilities and Limitations of Enterprise Antimalware Suites
Modern enterprise antimalware suites include traditional AV, spyware and rootkit protection, host firewalls, browser security, email filtering, cloud-based analysis, and centralized management....
- Tools: Using ICMP Reverse Shell to Remotely Control a Host
ICMP can create covert command-and-control channels that cross many firewalls since organizations often allow ping traffic. The icmpsh tool demonstrates this—a Windows victim issues ICMP echo-request...
- Incident Response: Network DDoS Incident Response Cheat Sheet
DDoS response requires preparation before attacks occur: establish ISP contacts, create allowlists of critical source IPs, lower DNS TTLs, and document infrastructure. During attacks, analyze traffic...
- Tools: Design Information Security With Failure in Mind
Security controls will eventually fail despite best intentions—design architecture to detect suspicious activities early and limit incident scope when breaches occur. Like boats engineered to stay...
- Tools: Common Failures of Information Security Tools (Part 1)
Security tools have side effects like medicine. Network firewalls cause connectivity issues; WAFs block legitimate traffic after site updates and are difficult to troubleshoot; antivirus tools may...
- Malware: The Worst Information Security Advice Ever
A collection of terrible security advice gathered from Twitter: use short passwords, rely solely on firewalls for protection, skip testing before production deployment, avoid logging to prevent...