- Social Engineering Attackers Are Attracted to Email Like Flies to Honey
Email contains business plans, credentials, and sensitive data that attackers harvest after compromising systems—either from local PST files or directly from Exchange servers. Mitigations include...
- Incident Response Tips for Starting a Security Incident Response Program
Create a hierarchy of incident response documents: brief executive-level policy, detailed procedures for technical managers, and guidelines/checklists for responders. Keep them succinct using bullet...
- Malware More Metrics for Measuring Enterprise Malware Defenses
Additional malware defense metrics to track: where on systems malware was present (indicating which defenses failed), ratio of real-time versus scheduled scan detections, reinfection rates within 3...
- Social Engineering How the Scarcity Principle is Used in Online Scams and Attacks
The scarcity principle—people value less available opportunities more—powers online scams: fake expiration countdowns, CAPTCHAs before malware downloads, and login screens blocking desired content....
- Social Networking A Quick Look at Defensio for Protecting Facebook Activities
Websense Defensio is a Facebook app that alerts users to spam, malware distribution attempts, and links to undesirable content. Due to Facebook API limitations, it can only alert rather than...
- Malware Getting to Know Larry Seltzer (Not Lenny Zeltser)