- Malware: AppLocker for Containing Windows Malware in the Enterprise
AppLocker in Windows 7 and Server 2008 R2 can block known malicious executables based on publisher signature, file location, or hash—distributed centrally via Group Policy. This helps contain malware...
- Malware: The Use of Social Engineering by Mobile Device Malware
Mobile malware spreads primarily through social engineering rather than exploits. Techniques include disguising trojans as legitimate apps (DroidDream looked like "Super Guitar Solo"), directing...
- Encryption: What Information Security Can Learn from NYC Restaurant Inspections
NYC's restaurant letter grades publicly signal food safety compliance, motivating improvements—72% of initially failing restaurants improved to A or B on second inspection. InfoSec could benefit from...
- Malware: Reflections Upon Deception-Based Security Tactics
Deception tactics for IT defense include network honeypots to detect lateral movement, host-based decoys like fake files and slow service emulators, and endpoint approaches that fool evasive malware...
- Tools: Using Pastebin Sites for Pen Testing Reconnaissance
Pastebin sites can aid penetration testing reconnaissance—stolen data, source code snippets, configuration details, and employee information often appear there. Tools like Pastebin Parser search...
- Incident Response: When Does a Suspicious Event Qualify as a Security Incident?
Distinguishing suspicious events from actual incidents is challenging—panicking at every alert wastes resources, while ignoring meaningful ones allows escalation. Each organization must decide its...