Category: malware

LinkedIn and LOLBINs

Yet another example of how LinkedIn can be abused by the bad guys… a phishing campaign which used job titles scraped from user profiles to…

Continue Reading

The elusive USB drive attack

Stories of hackers attacking companies by dropping malware infected USB flash drives in the firm’s parking lot are a standard infosec cautionary tale – don’t…

Continue Reading

NIST & Microsoft partner for patching pointers

The US Government’s National Institute of Standards and Technology and 8,000,000 pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…

Continue Reading

The (not paranoid enough) Android

The train wreck that is Android security continues… A new strain of malware by security firm Wandera found in China has the following charming characteristics,…

Continue Reading

Great DerbyCon talk on hunting for the bad guys

It sometimes seems to me that a lack of data is not the issue when patrolling your networks for signs of evil badness… it is…

Continue Reading

no, it’s not the end user’s fault

According to a survey released by endpoint security solution vendor Bromium, 79 percent of surveyed information security professionals view end users as their “number 1…

Continue Reading

quick and dirty malware analysis

There are a number of web based tools that allow you to safely analyze the behavior of potentially malicious files safely.  My personal favorite is…

Continue Reading

another android vuln allows malicious code injection

Another day, another Android vulnerability which allows malicious actors to inject malicious code into Android applications without triggering cryptographic safeguards.   And another reason to…

Continue Reading

attackers are doing their homework – are you?

Some spear phishing wisdom from Security BSides SFO today… Rohyt Belani of PhishMe told an interesting story highlighting just how much research attackers do when…

Continue Reading

gimme some of that old time religion (and malware)

According to a recent study by security firm Symantec, you are far more likely to encounter malware when visiting religious web sites than when visiting,…

Continue Reading