- Malware Social Graph: The Holy Grail of Actionable Intelligence
Attackers harvest email and social networking data to construct organizational social graphs, identifying connectors whose accounts could send social engineering messages, new "clueless" employees...
- Malware Announcing the Certified APT Nerd (CAPTN) Credential
- Tools 4 Free Tools to Detect Local Insecure Browser Plugins
Four free tools can identify locally-installed browser plugins that need security patches: Google Chrome's built-in warnings and Secbrowsing extension, Mozilla's Plugin Check page, Qualys...
- Malware Advanced Persistent Threat Haiku
A haiku about advanced persistent threats (APT) and their lingering presence.
- Malware Analysis 3 Tools to Scan the File System With Custom Malware Signatures
Traditional antivirus tools don't allow custom signatures, but ClamAV, YARA, and Vscan let incident responders scan file systems for indicators of compromise without waiting for vendor updates. YARA...
- Assessments Security Assessment Report as a Critique, Not Criticism
Assessment reports deliver bad news, and a reader who feels personally attacked stops listening. Frame your findings as a critique of the situation rather than criticism of individuals, acknowledge...