My Writing
- Malware Analysis: Joining Minerva Labs to Keep Malware in Check
  Anti-malware products can employ deception-based approaches, such as fooling malware into thinking it's running in an analysis sandbox or simulating infection markers that specimens check to avoid...
- Career: Reflections of a Security Professional: Podcast Interview
  A career in information security involves learning from failures, being inspired by others, and developing business and communication skills alongside technical expertise. Professional certifications...
- Social Engineering: Misleading Trademark Registration Invoices and Scams
  Misleading trademark registration "invoices" solicit fees for private registry listings that provide little value, while appearing to be official government bills. These schemes have operated for...
- Social Engineering: How to Send Customer Emails That Don't Look Like Phishing
  Customer emails that look like phishing weaken the recipient's ability to distinguish real messages from fraud. Secure customer email must shift the burden from the recipient's eye to authentication...
- Cloud: Run Metasploit Framework as a Docker Container Without Installation Pains
  Running Metasploit Framework in a Docker container avoids the pain of installing the tool and its dependencies. The approach is especially useful for quickly deploying to a cloud server for...
- Malware Analysis: How to Share Malware Samples With Other Researchers
  Sharing malware samples with other researchers requires password-protecting archives with passwords like "infected" or "malware" to get past antivirus scanners. Using the 7-Zip format with encrypted...