- Incident Response Some Facts and Conjecture About the VeriSign Data Breach
VeriSign's 2011 SEC filing disclosed a 2010 breach where information was exfiltrated from compromised corporate systems. The APT-style attack characteristics and inability to assess future misuse of...
- Authentication Anticipating The Future of User Account Access Sharing
Roughly one in three teens share passwords as expressions of trust, much like giving out school locker combinations. Adults also share credentials for practical reasons—Netflix accounts, admin...
- Malware Analysis Free Automated Malware Analysis Sandboxes and Services
Free hosted malware analysis sandboxes automate the examination of suspicious files, providing capability overviews that help analysts prioritize follow-up work. This curated list includes services...
- Malware Analysis What to Include in a Malware Analysis Report
A malware analysis report should cover identification details (hashes, AV names), specimen characteristics and dependencies, behavioral and code analysis findings, supporting figures, and indicators...
- Malware Analysis REMnux Usage Tips for Malware Analysis on Linux
REMnux provides a curated Linux environment for malware analysis, with tools organized by task: Windows PE analysis, Linux binaries, documents, network interactions, memory forensics, and data...
- Assessments Tips for Creating a Strong Cybersecurity Assessment Report
Creating a strong security assessment report requires analyzing data beyond tool output, prioritizing findings by risk, documenting methodology and scope, and providing practical remediation...