- Malware The Language and Nature of Fileless Attacks Over Time
The term "fileless" originated in 2001 to describe malware that existed solely in memory, but has expanded to encompass malicious documents, scripts, living-off-the-land techniques, and memory...
- Malware Making Sense of Microsoft's Endpoint Security Strategy
Microsoft is pursuing three endpoint security objectives: protecting the OS through baseline measures, motivating other vendors to innovate beyond commodity controls, and expanding enterprise revenue...
- Malware Retired Malware Samples: Everything Old is New Again
Legacy malware samples—like IRC-based backdoors with hidden backdoors, nuisance web pages that spawn endless windows, and Flash ads that hijack clipboards—demonstrate techniques that persist in...
- Social Engineering Scammers Use Breached Personal Details to Persuade Victims
Scammers include personal details from data breaches—such as passwords or phone numbers—in fraudulent messages to "prove" they have compromising information about their victims. These mass-mailed...
- Communication Cyber is Cyber is Cyber
The distinction between "cybersecurity" and "information security" is becoming academic as the world embraces "cyber" as the dominant term. Since non-specialists relate more to "cyber," security...
- Communication Communicating About Cybersecurity in Plain English: Haiku!
Security professionals often use language that guarantees their message will be ignored or misunderstood by non-technical audiences. Translating jargon-heavy policy text into sentences of no more...