My Writing
- Social Engineering: Misleading Trademark Registration Invoices and Scams. Misleading trademark registration "invoices" solicit fees for private registry listings that provide little value, while appearing to be official government bills. These schemes have operated for...
- Social Engineering: How to Send Customer Emails That Don't Look Like Phishing. Many legitimate business emails look indistinguishable from phishing attempts, training customers to accept fraudulent messages. Secure customer messages should avoid deep links, come from validated...
- Malware: How Would You Detect and Impede Ransomware on an Endpoint? Anti-ransomware tools can detect malicious encryption by flagging processes that read or write too many files too quickly, or by monitoring for changes to files' entropy values. Decoy files that...
- Cloud: Run Metasploit Framework as a Docker Container Without Installation Pains. Running Metasploit Framework in a Docker container avoids the pain of installing the tool and its dependencies. The approach is especially useful for quickly deploying to a cloud server for...
- Cloud: How You Can Set up Honeytokens Using Canarytokens to Detect Intrusions. Honeytokens are data or computing resources that exist solely to alert you when someone accesses them, offering intrusion detection with relatively low false positives. The open source Canarytokens...
- Malware Analysis: How to Share Malware Samples With Other Researchers. Sharing malware samples with other researchers requires password-protecting archives with passwords like "infected" or "malware" to get past antivirus scanners. Using the 7-Zip format with encrypted...