Category: malware
LinkedIn and LOLBINs
Yet another example of how LinkedIn can be abused by the bad guys… a phishing campaign which used job titles scraped from user profiles to…
The elusive USB drive attack
Stories of hackers attacking companies by dropping malware infected USB flash drives in the firm’s parking lot are a standard infosec cautionary tale – don’t…
NIST & Microsoft partner for patching pointers
The US Government’s National Institute of Standards and Technology and 8,000,000 pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…
The (not paranoid enough) Android
The train wreck that is Android security continues… A new strain of malware by security firm Wandera found in China has the following charming characteristics,…
Great DerbyCon talk on hunting for the bad guys
It sometimes seems to me that a lack of data is not the issue when patrolling your networks for signs of evil badness… it is…
no, it’s not the end user’s fault
According to a survey released by endpoint security solution vendor Bromium, 79 percent of surveyed information security professionals view end users as their “number 1…
quick and dirty malware analysis
There are a number of web based tools that allow you to safely analyze the behavior of potentially malicious files safely. My personal favorite is…
another android vuln allows malicious code injection
Another day, another Android vulnerability which allows malicious actors to inject malicious code into Android applications without triggering cryptographic safeguards. And another reason to…
attackers are doing their homework – are you?
Some spear phishing wisdom from Security BSides SFO today… Rohyt Belani of PhishMe told an interesting story highlighting just how much research attackers do when…
gimme some of that old time religion (and malware)
According to a recent study by security firm Symantec, you are far more likely to encounter malware when visiting religious web sites than when visiting,…