- Malware Malvertising: How Malicious Ad Campaigns Are Protected
Attackers protect malvertising campaigns by obfuscating JavaScript and ActionScript code and timing attacks for weekends when ad network staff aren't working. Malicious logic activates after...
- Malware Malvertising: The Mechanics of Malicious Ads
Malicious ads redirect victims through chains of domains to exploit kits or social engineering sites. Flash-based ads embed ActionScript logic that can decide when and whom to attack, evade detection...
- Malware Malvertising: Some Examples of Malicious Ad Campaigns
Malicious banner ads have affected high-profile sites including New York Times, London Stock Exchange, Hoovers, and USNews through networks like DoubleClick, YieldManager, and Microsoft. The Spotify...
- Social Engineering The Targeted Attack Potential of Vanity Web Searches
Vanity web searches create targeted attack opportunities. Attackers can create pages with a target's name, wait for Google indexing, then add malware knowing the person will visit when alerts...
- Risk Management Cyber Warfare Encompasses Only Some Security Concerns
Cyberwar discussions focus on mega breaches, but thousands of small breaches occur hourly and may exceed economic losses of high-profile incidents. Military cyber capabilities don't help civilian...
- Risk Management Shrinking vs. Slicing the Pie of Online and Computer Crime
Most security defenses "slice the pie"—making your target less attractive shifts attackers elsewhere without reducing overall crime. "Shrinking the pie" requires disrupting the ecosystem: stronger...