PacketNut; Confessions of an Enterprise Information Security Architect

A blog for Security Architects, CISOs and anyone else responsible for protecting their organisation's information assets

Useful Info

Home
Companies that interest me

Tuesday, 22 August 2017

Definition of a Dropper

A dropper is a program (malware component) that has been designed to "install" some sort of malware (virus, backdoor, etc.) to a target system. The malware code can be contained within the dropper (single-stage) in such a way as to avoid detection by virus scanners or the dropper may download the malware to the target machine once activated (two stage)

https://en.wikipedia.org/wiki/Dropper_(malware)

Posted by Tony Brown at 01:58 7 comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

National Cyber Security Centre 10 Steps to (GDPR) Cyber Security

https://www.ncsc.gov.uk/guidance/10-steps-cyber-security

Posted by Tony Brown at 00:37 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Thursday, 10 August 2017

EDR vendors allegedly sharing sensitive information with VirusTotal

http://thehackernews.com/2017/08/fortune-1000-data-leak.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29

Posted by Tony Brown at 00:54 1 comment:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Wednesday, 9 August 2017

Original Lockheed Martin Kill Chain paper

http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf

Posted by Tony Brown at 01:01 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Saturday, 5 August 2017

This Week in Infosec - August 5th 2017

Marcus Hutchins arrested for allegedly writing Kronos

https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us

AlphaBay taken down

https://en.wikipedia.org/wiki/AlphaBay

Adobe to end-of-life Flash in 2020

Chinese white hat group hacks Tesla again

Merck and TNT severely hit by Petya.

Posted by Tony Brown at 06:12 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Sunday, 16 July 2017

Antivirus Industry's Dirty Little Secret

Interesting article about antivirus by KnowBe4

https://www.knowbe4.com/resources/antivirus-industrys-dirty-little-secret/

Posted by Tony Brown at 11:34 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Newer Posts Older Posts Home

Subscribe to: Posts (Atom)

Security News

Cybersecurity Insiders

Professionalization seen in Russian Cyber Crime groups linked to Ransomware
37 minutes ago
IBTimes.co.uk : Technology

'We Share No Blood, But He Is My Life': Who Is Matt Gaetz's 'Adopted Son' Nestor Galban?
2 hours ago
Techdirt.

Molson Coors Appeals The $56 Million Judgement In Stone Brewing Case
2 hours ago
Latest news and stories from BleepingComputer.com

Cyberattack at French hospital exposes health data of 750,000 patients
4 hours ago
The Register - Security

Five Scattered Spider suspects indicted for phishing spree and crypto heists
4 hours ago
Cybersecurity

Palo Alto Networks beat and raise fails to wow Wall Street. But that plays into our hand
5 hours ago
Risky Business

Srsly Risky Biz: The PLA's cyber operations go dark
5 hours ago
Cisco Blog

Deck the Halls with Cisco U. Learning Deals
8 hours ago
Google Online Security Blog

Leveling Up Fuzzing: Finding more vulnerabilities with AI
13 hours ago
Schneier on Security

Steve Bellovin’s Retirement Talk
13 hours ago
Cybercrime Magazine

Who’s managing cybersecurity at organizations that don’t have a CISO?
16 hours ago
Latest topics for ZDNet in Security

Update your iPhone, iPad, and Mac now to patch these serious zero-day security flaws
16 hours ago
The Hacker News

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
17 hours ago
ComputerWeekly: IT security

Apple addresses two iPhone, Mac zero-days
18 hours ago
Krebs on Security

Fintech Giant Finastra Investigating Data Breach
1 day ago
Daniel Miessler

Frontview Mirror: 2025 Edition
1 day ago
Cybercrime | The Guardian

What is hybrid warfare, which some fear Russia will use after Ukraine’s strike?
1 day ago
Security Intelligence

Communication platforms play a major role in data breach risks
1 day ago
Troy Hunt

Weekly Update 426
4 days ago
NCSC Site

Guidance for brands to help advertising partners counter malvertising
2 weeks ago
EFF Press Releases

EFF Launches Digital Rights Bytes to Answer Tech Questions that Bug Us All
2 weeks ago
Hacker Combat - Cyber Security and Hacking News | HackerCombat

Cloud Security Essentials
3 weeks ago
SecurityWeek RSS Feed

Zero-Day Breach at Rackspace Sparks Vendor Blame Game
1 month ago
IT SECURITY GURU

CyberSmart and e92plus Announce Partnership to Deliver Cyber Risk Management in the UK and Ireland
1 month ago
Motherboard US - Hacking US

The Teenager Who Lived a Secret Double Life as a Millionaire Crypto Bandit
5 months ago
Latest Security Articles from ComputerworldUK

Kill meetings (before meetings kill your company)
7 months ago
Errata Security

C can be memory safe, part 2
9 months ago
Dark Reading:

The Role of the CISO in Digital Transformation
11 months ago
Light Reading:

Energy- and Space-Efficient Security in Telco Networks
1 year ago
News – SC Media

New AI phishing tool FraudGPT tied to same group behind WormGPT
1 year ago
CSO Online

Most popular generative AI projects on GitHub are the least secure
1 year ago
Softpedia News / Security

Google Expands End-to-End Encryption for Gmail on the Web
1 year ago
Threatpost | The first stop for security news

Student Loan Breach Exposes 2.5M Records
2 years ago
DDoS Attacks

Link11 Discovers Record Number of DDoS Attacks in First Half of 2021
3 years ago
Feedspot Blog

Top 5 Ayurveda Forums, Discussions, Message Boards To Follow in 2021
3 years ago
Computer Business Review

Network transformation: The foundation for digital business
3 years ago
Bad Packets Report

Over 3,000 F5 BIG-IP endpoints vulnerable to CVE-2020-5902
4 years ago
Cybersecurity Zen

SecureNinja ▶︎ Live Instructor-Led Online Training
4 years ago
Ars Technica » Risk Assessment

What the newly released Checkra1n jailbreak means for iDevice security
5 years ago
US-CERT Tips

Privacy and Mobile Device Apps
5 years ago
CRN

WATCH: Digital Guardian Exec On How Its Move To The Cloud Benefits Partners
6 years ago
SecurityRoundTable.org

Why A ‘Cloud Architect’ Should Be on Your Hiring Agenda
6 years ago
WIRED » Threat Level

Feds Charge NSA Contractor Accused of Exposing Russian Hacking
7 years ago
Forbes - Security

What Trump Can Learn From The Man Who Built Israel's Border Walls
7 years ago
Security | The Silicon Review

Is it true that internet has penetrated only to handful of the Indian population?!
7 years ago
Latest articles from SC Magazine UK

400% increase in POS malware variants across US Thanksgiving weekend
7 years ago
Blog - devsecops

DevSecOps is the Krav Maga of Security
8 years ago
Graham Cluley
AlienVault Blogs
SearchSecurity: Security Wire Daily News
Infosecurity Europe Blog
RSA Conference Blog
Security Boulevard

Show 10 Show All

Vendors

CloudFlare

Resilient Internet connectivity in Europe mitigates impact from multiple cable cuts
8 hours ago
The Akamai Blog

Managing AI Bots as Part of Your Overall Bot Management Strategy
10 hours ago
Rapid7 Blog

Multiple Vulnerabilities in Wowza Streaming Engine (Fixed)
13 hours ago
Heimdal Security Blog

VMware vCenter Users Risk RCE Attacks. Two Flaws Exploited in the Wild
14 hours ago
Varonis Blog

Introducing Varonis for Google Cloud
14 hours ago
Palo Alto Networks Blog

Automation in Action — How 3 Customers Revolutionized SecOps with XSOAR
16 hours ago
Malwarebytes Unpacked

“Sad announcement” email leads to tech support scam
16 hours ago
Cisco Blog » Security

Quantum Cryptography: What’s Coming Next
17 hours ago
AWS Security Blog

Securing the RAG ingestion pipeline: Filtering mechanisms
1 day ago
Imperva Cyber Security Blog

Imperva and the Secure by Design Pledge: A Commitment to Cybersecurity Excellence
1 day ago
Tenable Blog

Volt Typhoon: What State and Local Government Officials Need to Know
1 day ago
Packet Pushers - Briefings In Brief

Tech Bytes: MinIO Optimizes Object Storage for AI Infrastructure (Sponsored)
2 days ago
ThreatConnect | Enterprise Threat Intelligence Platform

Five Quick Tips to Enhance Your Threat Hunting Program
2 days ago
Centrify Cloud Service Status - Incident History

Secret Server Cloud Patch - All Regions
5 days ago
Recorded Future

Russian Sabotage Activities Escalate Amid Fraught Tensions
1 week ago
ClearSky Cybersecurity

CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild
1 week ago
CyberArk

How New CyberArk and Wiz Integrations Enhance Multi-Cloud Security
1 week ago
We Live Security » Languages » English

Life on a crooked RedLine: Analyzing the infamous infostealer’s backend
1 week ago
Arbor Networks Threat Intelligence

DDoS Attacks Against Japan
4 weeks ago
Fooling the Interpreter

Bypassing Whitelists With XSS Payloads in Attributes
5 weeks ago
TaoSecurity

What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
5 weeks ago
Check Point Blog

Hispanic Heritage Month Spotlight: Bill Diaz
2 months ago
Liquidmatrix Security Digest

Liquidmatrix Security Digest Podcast – Episode 7E
3 months ago
Postmodern Security

Let’s Stop the Security Shaming
5 months ago
Errata Security

C can be memory safe, part 2
9 months ago
Naked Security

Update on Naked Security
1 year ago
Anomali Blog

Anomali Cyber Watch: Cadet Blizzard - New GRU APT, ChamelDoH Hard-to-Detect Linux RAT, Stealthy DoubleFinger Targets Cryptocurrency
1 year ago
Securosis Highlights

The THIRTEENTH Annual Disaster Recovery Breakfast: Changing of the Guard
1 year ago
blog.trendmicro.co.uk

Delivering visibility, control and simplified security to Bathgate Group
2 years ago
TrendLabs Security Intelligence Blog

Finest Free Torrenting VPNs
2 years ago
AlienVault Blogs

This feed has moved and will be deleted soon. Please update your subscription now.
3 years ago
Carbon Black

VMware Carbon Black Delivers High-Fidelity Insight at Every Step of MITRE Engenuity ATT&CK® Evaluation
3 years ago
CipherCloud

CipherCloud and Lookout Blaze a New Path Together – Redefining Security from Endpoint to Cloud
3 years ago
Inside The Threat Blog by Lancope

This feed has moved and will be deleted soon. Please update your subscription now.
4 years ago
Skybox Security Blog – Cybersecurity from The Skybox View

Salt Vulnerabilities Exploited with Targeted Cryptomining Attack on DigiCert
4 years ago
Zscaler Research

Frenchy – Shellcode in the Wild
4 years ago
Cisco Blog » Threat Research

How Adversaries Use Politics for Compromise
5 years ago
Preempt Blog

Why Insider Threat Denial is Everyone’s Problem
5 years ago
Network Security Blog

Lucky Break
6 years ago
Threat Research

BIOS Boots What? Finding Evil in Boot Code at Scale!
6 years ago
Threat Intelligence

Lojack Becomes a Double-Agent
6 years ago
Fortinet Blog

Securing the Network: What Three Key Verticals Require
6 years ago
Cyphort

Equifax Breach: The News We All Dreaded to Hear.
7 years ago
Speaking of Security - The RSA Blog and Podcast

A Security Decision – Build or Buy
7 years ago
Metasploit

Metasploit Wrapup
7 years ago
Threat Geek

Reducing Detection from Months to Minutes: Detecting Credentials in the Clear
7 years ago
Lockheed Martin Cybersecurity Blog

How Threat Intelligence Can Increase an Organization’s Cybersecurity Maturity
8 years ago
iSIGHT Partners

ThreatScape Media Highlights Update – Week Of June 8th
8 years ago
LogRhythm: The Dialog - The Security Intelligence Company

Getting Started with Threat Intelligence
9 years ago
IBM Internet Security Systems Internet Threat Information

Multiple Adobe Flash Player code execution vulnerabilities
9 years ago
Our Blog | Core Security
Comments on: The Top 10 AlgoSec Blog Posts From 2018
Farsight Security Blog
Trustwave Newsroom
Darktrace Blog
Darktrace Blog
SentinelOne
Cylance Blog

Show 10 Show All

Blog Archive

► 2020 (2)
- ► May (2)

► 2019 (35)
- ► December (2)
- ► November (2)
- ► October (6)
- ► September (5)
- ► August (1)
- ► June (1)
- ► February (4)
- ► January (14)

► 2018 (4)
- ► December (2)
- ► September (1)
- ► April (1)

▼ 2017 (6)
- ▼ August (5)
- ► July (1)
  - Antivirus Industry's Dirty Little Secret

► 2016 (1)
- ► January (1)

► 2015 (4)
- ► September (4)

► 2013 (3)
- ► April (1)
- ► March (1)
- ► February (1)

About Me

Tony Brown: Enterprise Security Solutions Architect at global service provider. CCIE #8767. CISSP. Chartered Engineer. MSc. in Information Security. CCDE 2011:6 Chartered IT Professional. Member of the Institute of Information Security Professionals. Blah blah blah

View my complete profile

Awesome Inc. theme. Powered by Blogger.