- Assessments Write a Strong Executive Summary for Your Security Assessment Report
Most readers only see the executive summary, so put key takeaways there. Make it understandable to non-technical executives, connect findings to business relevance like risks and compliance, keep it...
- Authentication The Use of Pastebin for Sharing Stolen Data
Attackers use Pastebin for sharing stolen data because it's easy, handles large text, doesn't require registration, and doesn't proactively moderate. Trending pastes often include compromised...
- Social Networking When Bots Use Social Media for Command and Control
Malware authors use social media for command and control because HTTP traffic rarely gets blocked and blends into normal browsing. Examples include banking trojans retrieving instructions from...
- Incident Response When Does a Suspicious Event Qualify as a Security Incident?
Distinguishing suspicious events from actual incidents is challenging—panicking at every alert wastes resources, while ignoring meaningful ones allows escalation. Each organization must decide its...
- Incident Response The Critical Role of the Security Incident Response Coordinator
The incident response coordinator is the linchpin of IR efforts—tracking progress, coordinating team members, providing status updates, and channeling expertise. The ideal candidate knows IT, has...
- Malware Analysis Analyzing Suspicious PDF Files With Peepdf
Peepdf is a Python-based tool for analyzing malicious PDFs with an interactive shell for navigating file structures. It highlights suspicious objects like AcroForm, OpenAction, and JavaScript,...