- Malware Analyzing Suspicious PDF Files With PDF Stream Dumper
PDF Stream Dumper is a free Windows tool with GUI for analyzing suspicious PDFs. It scans for known exploits, navigates object structures, decodes streams, and includes a JavaScript interpreter for...
- Incident Response 5 Addictions of Information Security Professionals
Information security professionals develop habitual practices that can be detrimental: overly long policies, unrealistic mandates, gadget fascination, blind adherence to "best practices," and an...
- Malware Computer Threats Evolve Towards Focused, Nimble Tactics
Modern intrusions increasingly use well-planned, nimble, focused strategies rather than brute-force attacks alone. Attackers study business inner-workings to locate valuable data—scraping card...
- Social Engineering Attackers Are Attracted to Email Like Flies to Honey
Email contains business plans, credentials, and sensitive data that attackers harvest after compromising systems—either from local PST files or directly from Exchange servers. Mitigations include...
- Incident Response Tips for Starting a Security Incident Response Program
Create a hierarchy of incident response documents: brief executive-level policy, detailed procedures for technical managers, and guidelines/checklists for responders. Keep them succinct using bullet...
- Malware More Metrics for Measuring Enterprise Malware Defenses
Additional malware defense metrics to track: where on systems malware was present (indicating which defenses failed), ratio of real-time versus scheduled scan detections, reinfection rates within 3...