- Incident Response Report Template for Threat Intelligence and Incident Response
Large-scale intrusions require organizing intelligence about adversary actions and response efforts. A threat intelligence report template leveraging the Intrusion Kill Chain, Courses of Action...
- Malware Analysis Version 6 Release of the REMnux Linux Distro for Malware Analysis
REMnux v6 updates existing malware analysis tools and introduces new ones including pedump, VolDiff, Rekall, oletools, and Docker support. Built on Ubuntu 14.04 64-bit with Debian packages, users can...
- Social Engineering Website Backup Company's Misleading "Invoices" Suggest a Scam
WebsiteBackup Company sent unsolicited letters resembling invoices to businesses, confusing recipients into thinking they owed payment for services they never ordered. The letters lacked the legally...
- Malware Conversation With a Tech Support Scammer
Tech support scammers use scareware web pages to convince visitors their PCs are infected, then employ consultative sales tactics when victims call for help. Representatives use legitimate remote...
- Social Engineering The Manipulative Nature and Mechanics of Visitor Survey Scams
Visitor survey scams use multiple choice questions to provide an excuse for offering "rewards," then employ scarcity tactics and fake testimonials to persuade victims to provide credit card details...
- Authentication The Reports of Passwords' Demise Have Been Greatly Exaggerated
Passwords remain ubiquitous, but how we use them is changing. Biometric authentication lets people enter passwords less frequently, password vaults make complex credentials practical, and two-factor...