- Malware Reflections Upon Deception-Based Security Tactics
Deception tactics for IT defense include network honeypots to detect lateral movement, host-based decoys like fake files and slow service emulators, and endpoint approaches that fool evasive malware...
- Tools Using Pastebin Sites for Pen Testing Reconnaissance
Pastebin sites can aid penetration testing reconnaissance—stolen data, source code snippets, configuration details, and employee information often appear there. Tools like Pastebin Parser search...
- Incident Response When Does a Suspicious Event Qualify as a Security Incident?
Distinguishing suspicious events from actual incidents is challenging—panicking at every alert wastes resources, while ignoring meaningful ones allows escalation. Each organization must decide its...
- Malware 8 Practical Tips for Detecting a Website Compromise for Free
Detect website compromises using host intrusion detection tools like OSSEC, network IDS watching for anomalies, and centralized log review. Tactical measures include scanning for iframes and...
- Malware Malvertising: How Malicious Ad Campaigns Are Protected
Attackers protect malvertising campaigns by obfuscating JavaScript and ActionScript code and timing attacks for weekends when ad network staff aren't working. Malicious logic activates after...
- Malware Malvertising: Some Examples of Malicious Ad Campaigns
Malicious banner ads have affected high-profile sites including New York Times, London Stock Exchange, Hoovers, and USNews through networks like DoubleClick, YieldManager, and Microsoft. The Spotify...