My Writing
- Social Engineering The Manipulative Nature and Mechanics of Visitor Survey Scams Visitor survey scams use multiple choice questions to provide an excuse for offering "rewards," then employ scarcity tactics and fake testimonials to persuade victims to provide credit card details...
- Authentication The Reports of Passwords' Demise Have Been Greatly Exaggerated Passwords remain ubiquitous, but how we use them is changing. Biometric authentication lets people enter passwords less frequently, password vaults make complex credentials practical, and two-factor...
- Authentication How Yahoo's New On-Demand Passwords Feature Works Yahoo's on-demand passwords feature sends one-time codes via SMS instead of requiring users to remember traditional credentials. This approach balances convenience with security, though it means...
- Malware Analysis Contemplating Malware Vaccination via Infection Markers Some malware checks for infection markers like mutexes, registry keys, or processes to avoid infecting systems twice. Preemptively creating these markers can vaccinate systems against specific...
- Social Networking Scammers Prescreen Victims for Tech Support Scams via Twitter and Phone Tech support scammers use Twitter bots to respond to public messages containing words like "virus" and "malware," inviting potential victims to call phone numbers where automated systems profile...
- Malware Analysis Getting to Know Jan Miller and His Hybrid Malware Analysis Sandbox Combining static and dynamic analysis in malware sandboxes extracts more artifacts and indicators than pure runtime behavior observation alone. This "hybrid analysis" approach addresses...