Collaborate Disseminate
Here is my next Gartner webinar; this one is focused on network traffic use for detection and response. Title: Modern Network Threat Detection and Response Date: January 29, 2019 Time: EST: 11:00 a.m. | PDT: 8:00 a.m. | GMT: 16:00 Register: h… Continue reading Upcoming Webinar: Modern Network Threat Detection and Response
Detecting infected files in a website or web application is very easy: you just need to compare the files with a clean backup or the original source (for example with diff) and that’s it. However, detecting an infection in a … Continue reading How can I detect an infection in a database?
In this 35C3 talk, it is said that while it is possible to manually inspect whether a package optimizes away memset() that clears sensitive memory, doing it automatically would be challenging. Assuming that the binary is comp… Continue reading What makes detection of optimized-away memory clearing non-trivial?
An old adage is that if an adversary physically accessed your system, you should consider it compromised. My question is, what if they could have, but you have no evidence they did?
For example, let us say that you were walk… Continue reading Should you consider a system compromised if someone could have physically accessed it, but you have no evidence they did?
Every article I have read on backdoor attack prevention says pretty much this:
Protecting against them may be difficult.
I am tired of reading how it can be ~difficult~ to protect against. Difficult is a fuzzy word. I w… Continue reading 100% detectable backdoor attacks on network
I’m working on my thesis and I have a couple questions about differences between heuristics-based and behavioral malware detection.
Does heuristics-based detection rely only on statically examining malcode in order to find s… Continue reading Heuristics-based vs behavioral malware detection
The malware does its best to obfuscate SEO injection in WordPress and evade notice from web admins. Continue reading WordPress Targeted with Clever SEO Injection Malware
When a customer talks with a representative of a company in a chat on a web-page, it is possible that they are actually sending every keystroke to their server before you hit the enter or click the send button.
You are barte… Continue reading Does Real-time typing view in chats invades privacy? Are there any detection and prevention methods?
When a customer talks with a representative of a company in a chat on a web-page, it is possible that they are actually sending every keystroke to their server before you hit the enter or click the send button.
You are barte… Continue reading Does Real-time typing view in chats invades privacy? Are there any detection and prevention methods?
This is a debate post, and not a position post. The question alluded therein (hey… I said “alluded therein” to sound like Dan Geer, no?) has been bugging us for some time, perhaps for 2+ years. However, we deferred this debate and hid… Continue reading Deception vs Analytics, or Can Analytics Catch True Unknown Unknowns?