- Tools Generating Domain Name Variations Used in Phishing Attacks
Phishing attackers register domain names similar to targeted organizations using techniques like bitsquatting, homoglyphs, letter repetition, transposition, and typos. Tools like dnstwist and...
- Incident Response Report Template for Threat Intelligence and Incident Response
Large-scale intrusions require organizing intelligence about adversary actions and response efforts. A threat intelligence report template leveraging the Intrusion Kill Chain, Courses of Action...
- Malware Analysis Version 6 Release of the REMnux Linux Distro for Malware Analysis
REMnux v6 updates existing malware analysis tools and introduces new ones including pedump, VolDiff, Rekall, oletools, and Docker support. Built on Ubuntu 14.04 64-bit with Debian packages, users can...
- Social Engineering Website Backup Company's Misleading "Invoices" Suggest a Scam
WebsiteBackup Company sent unsolicited letters resembling invoices to businesses, confusing recipients into thinking they owed payment for services they never ordered. The letters lacked the legally...
- Malware Conversation With a Tech Support Scammer
Tech support scammers use scareware web pages to convince visitors their PCs are infected, then employ consultative sales tactics when victims call for help. Representatives use legitimate remote...
- Social Engineering The Manipulative Nature and Mechanics of Visitor Survey Scams
Visitor survey scams use multiple choice questions to provide an excuse for offering "rewards," then employ scarcity tactics and fake testimonials to persuade victims to provide credit card details...