- Incident Response: When Does a Suspicious Event Qualify as a Security Incident?
Distinguishing suspicious events from actual incidents is challenging—panicking at every alert wastes resources, while ignoring meaningful ones allows escalation. Each organization must decide its...
- Incident Response: The Critical Role of the Security Incident Response Coordinator
The incident response coordinator is the linchpin of IR efforts—tracking progress, coordinating team members, providing status updates, and channeling expertise. The ideal candidate knows IT, has...
- Malware Analysis: Analyzing Suspicious PDF Files With Peepdf
Peepdf is a Python-based tool for analyzing malicious PDFs with an interactive shell for navigating file structures. It highlights suspicious objects like AcroForm, OpenAction, and JavaScript,...
- Malware: A Delusive Sense of Security in Walled Gardens
Walled gardens like Facebook, corporate networks, and smartphone app stores encourage users to lower their guard, creating false security assumptions that scammers exploit. People click more readily...
- Authentication: We Still Suck at Protecting Logon Credentials
Recent breaches at Lockheed Martin, Mt. Gox, PBS, and Sony PlayStation show we still fail at protecting credentials. Attackers compromise them via remote password guessing, SQL injection to retrieve...
- Malware: 11 Recommendations for Coming Up to Speed on Bitcoin
Bitcoin represents a precursor to future distributed online payment approaches. Security implications include compromised computers being used for mining, trojans designed to steal Bitcoin wallets,...