Articles on Tools
- Tools Common Failures of Information Security Tools (Part 2) HIPS can miss attacks or wrongly block legitimate actions. Log management may fail to capture necessary events or confuse analysts with poor reporting. Vulnerability management tools may miss patches...
- Tools Common Failures of Information Security Tools (Part 1) Security tools have side effects like medicine. Network firewalls cause connectivity issues; WAFs block legitimate traffic after site updates and are difficult to troubleshoot; antivirus tools may...
- Social Networking Which Apps Are Authorized to Access Your Social Networking Accounts? Attackers may target less secure third-party apps authorized to access social networking accounts rather than attacking the platforms directly. Periodically review and deauthorize unused apps on...
- Social Networking Exploring LinkedIn Look-Alike Email Spam Campaigns LinkedIn-themed spam effectively distributes malicious links because users are conditioned to receive and click LinkedIn emails—often without visiting the site directly. Campaigns have led to exploit...
- Malware AppLocker for Containing Windows Malware in the Enterprise AppLocker in Windows 7 and Server 2008 R2 can block known malicious executables based on publisher signature, file location, or hash—distributed centrally via Group Policy. This helps contain malware...
- Malware The Use of Social Engineering by Mobile Device Malware Mobile malware spreads primarily through social engineering rather than exploits. Techniques include disguising trojans as legitimate apps (DroidDream looked like "Super Guitar Solo"), directing...