- Tools How to Set Up a SpiderFoot Server for OSINT Research
SpiderFoot automates OSINT collection from numerous data sources, including Shodan and Have I Been Pwned, to gather intelligence about IPs, domains, and email addresses. Running the free, open source...
- Malware The History of Fileless Malware - Looking Beyond the Buzzword
The term "fileless malware" originated with Code Red worm in 2001 and initially meant malware that remained solely in memory. It evolved to encompass specimens that avoid placing malicious...
- Malware How Would You Detect and Impede Ransomware on an Endpoint?
Anti-ransomware tools can detect malicious encryption by flagging processes that read or write too many files too quickly, or by monitoring for changes to files' entropy values. Decoy files that...
- Product Management A Product Management Framework for Creating Security Products
Building a security product requires answering fundamental questions about market segmentation, product capabilities, sales engagement, pricing, and delivery. A lightweight framework that poses these...
- Assessments Experts Cannot Help Overstating Their Expertise
Self-proclaimed experts are more likely to claim knowledge of things they don't know, including nonexistent terms in their fields of expertise. This overclaiming tendency means security professionals...
- Networking A Close Look at PayPal Overpayment Scams That Target Craigslist Sellers
PayPal overpayment scams target Craigslist sellers using fake payment notifications that ask victims to wire funds to a third-party "pickup agent." Scammers craft stories about working in rural areas...