PacketNut; Confessions of an Enterprise Information Security Architect

A blog for Security Architects, CISOs and anyone else responsible for protecting their organisation's information assets

Useful Info

Home
Companies that interest me

Tuesday, 22 August 2017

Definition of a Dropper

A dropper is a program (malware component) that has been designed to "install" some sort of malware (virus, backdoor, etc.) to a target system. The malware code can be contained within the dropper (single-stage) in such a way as to avoid detection by virus scanners or the dropper may download the malware to the target machine once activated (two stage)

https://en.wikipedia.org/wiki/Dropper_(malware)

Posted by Tony Brown at 01:58 7 comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

National Cyber Security Centre 10 Steps to (GDPR) Cyber Security

https://www.ncsc.gov.uk/guidance/10-steps-cyber-security

Posted by Tony Brown at 00:37 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Thursday, 10 August 2017

EDR vendors allegedly sharing sensitive information with VirusTotal

http://thehackernews.com/2017/08/fortune-1000-data-leak.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Security+Blog%29

Posted by Tony Brown at 00:54 1 comment:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Wednesday, 9 August 2017

Original Lockheed Martin Kill Chain paper

http://www.lockheedmartin.com/content/dam/lockheed/data/corporate/documents/LM-White-Paper-Intel-Driven-Defense.pdf

Posted by Tony Brown at 01:01 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Saturday, 5 August 2017

This Week in Infosec - August 5th 2017

Marcus Hutchins arrested for allegedly writing Kronos

https://www.theguardian.com/technology/2017/aug/03/researcher-who-stopped-wannacry-ransomware-detained-in-us

AlphaBay taken down

https://en.wikipedia.org/wiki/AlphaBay

Adobe to end-of-life Flash in 2020

Chinese white hat group hacks Tesla again

Merck and TNT severely hit by Petya.

Posted by Tony Brown at 06:12 No comments:

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Newer Posts Older Posts Home

Subscribe to: Posts (Atom)

Security News

Cybersecurity Insiders

PCI DSS 4.0: A Comprehensive Guide to Enhanced Payment Data Security
3 hours ago
The Hacker News

LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damages
5 hours ago
Techdirt.

Bad Sign: Pocketpair Updates ‘Palworld’ By Nixxing Pal Spheres
11 hours ago
Security Boulevard

Navigating the Future of Secure Code Signing and Cryptography
15 hours ago
IBTimes.co.uk : Technology

Saudi National Ploughs Into German Christmas Market Killing 11; Police Find 'Explosive Device' in Car
16 hours ago
Schneier on Security

Friday Squid Blogging: Squid Sticker
16 hours ago
Latest news and stories from BleepingComputer.com

Google Chrome uses AI to analyze pages in new scam detection feature
17 hours ago
Cisco Blog

Beyond the Data Center: High-Performance Networks for AI
22 hours ago
SearchSecurity: Security Wire Daily News

Identity and access management tools and features for 2025
1 day ago
Cybercrime Magazine

Black Hat MEA 2024 In Guinness World Records – Crypto.com CISO
1 day ago
The Register - Security

Infosec experts divided on AI's potential to assist red teams
1 day ago
Risky Business

RBTALKS5: How Pfizer uses AI to detect insider risk
1 day ago
Latest topics for ZDNet in Security

3 holiday email scams to watch for - and how to stay safe
1 day ago
Krebs on Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm
1 day ago
Cybersecurity

We're buying the recent dips on 2 stocks in the most oversold market in over a year
1 day ago
Graham Cluley

Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme
1 day ago
ComputerWeekly: IT security

LockBit ransomware gang teases February 2025 return
2 days ago
Daniel Miessler

UL NO. 462: Full-Face Mask Deceptions, VS Code Tunnel Hacks, Quiet AI Emergence at Apple, and Tokyo’s Three-Day Weekend Gamble
4 days ago
NCSC Site

Social Media: how to use it safely
4 days ago
Troy Hunt

Weekly Update 430
6 days ago
Cybercrime | The Guardian

Democrats and Republicans condemn espionage-driven Chinese hack
1 week ago
Hacker Combat - Cyber Security and Hacking News | HackerCombat

Ways to Mitigate Risk in Cybersecurity: Cybersecurity Risk Management
1 week ago
Google Online Security Blog

Google Cloud expands vulnerability detection for Artifact Registry using OSV
1 week ago
Security Intelligence

What makes a trailblazer? Inspired by John Mulaney’s Dreamforce roast
3 weeks ago
EFF Press Releases

EFF Launches Digital Rights Bytes to Answer Tech Questions that Bug Us All
1 month ago
SecurityWeek RSS Feed

Zero-Day Breach at Rackspace Sparks Vendor Blame Game
2 months ago
IT SECURITY GURU

CyberSmart and e92plus Announce Partnership to Deliver Cyber Risk Management in the UK and Ireland
2 months ago
Motherboard US - Hacking US

The Teenager Who Lived a Secret Double Life as a Millionaire Crypto Bandit
6 months ago
Latest Security Articles from ComputerworldUK

Kill meetings (before meetings kill your company)
8 months ago
Errata Security

C can be memory safe, part 2
10 months ago
Dark Reading:

The Role of the CISO in Digital Transformation
1 year ago
Light Reading:

Energy- and Space-Efficient Security in Telco Networks
1 year ago
News – SC Media

New AI phishing tool FraudGPT tied to same group behind WormGPT
1 year ago
CSO Online

Most popular generative AI projects on GitHub are the least secure
1 year ago
Softpedia News / Security

Google Expands End-to-End Encryption for Gmail on the Web
2 years ago
Threatpost | The first stop for security news

Student Loan Breach Exposes 2.5M Records
2 years ago
DDoS Attacks

Link11 Discovers Record Number of DDoS Attacks in First Half of 2021
3 years ago
Feedspot Blog

Top 5 Ayurveda Forums, Discussions, Message Boards To Follow in 2021
3 years ago
Computer Business Review

Network transformation: The foundation for digital business
3 years ago
RSA Conference Blog

A WORD OF CAUTION: AVOID SCAMMERS CLAIMING TO HAVE THE RSAC ATTENDEE LIST
3 years ago
Bad Packets Report

Over 3,000 F5 BIG-IP endpoints vulnerable to CVE-2020-5902
4 years ago
Cybersecurity Zen

SecureNinja ▶︎ Live Instructor-Led Online Training
4 years ago
Ars Technica » Risk Assessment

What the newly released Checkra1n jailbreak means for iDevice security
5 years ago
US-CERT Tips

Privacy and Mobile Device Apps
5 years ago
Infosecurity Europe Blog

Infosecurity Magazine takes over Infosecurity North America 2018
5 years ago
CRN

WATCH: Digital Guardian Exec On How Its Move To The Cloud Benefits Partners
6 years ago
SecurityRoundTable.org

Why A ‘Cloud Architect’ Should Be on Your Hiring Agenda
6 years ago
WIRED » Threat Level

Feds Charge NSA Contractor Accused of Exposing Russian Hacking
7 years ago
Security | The Silicon Review

Is it true that internet has penetrated only to handful of the Indian population?!
7 years ago
Latest articles from SC Magazine UK

400% increase in POS malware variants across US Thanksgiving weekend
8 years ago
Forbes - Security

Slice Offers On-Demand Insurance To Cover Home Sharing Hell
8 years ago
Blog - devsecops

Securing the Continuous Integration Continuous Deployment (CICD) Pipeline
8 years ago
AlienVault Blogs

Show 10 Show All

Vendors

Centrify Cloud Service Status - Incident History

Delinea 23.1 Cloud Maintenance on Kibble
16 hours ago
Varonis Blog

How Varonis Improves Data Security with Automated Labeling
17 hours ago
Rapid7 Blog

Metasploit Weekly Wrap-Up 12/20/2024
19 hours ago
Malwarebytes Unpacked

Our Santa wishlist: Stronger identity security for kids
21 hours ago
CyberArk

Cloud Security Audits Explained: Challenges and Solutions
22 hours ago
ThreatConnect | Enterprise Threat Intelligence Platform

Navigate ISO 27001:2022 Compliance with ThreatConnect
23 hours ago
CloudFlare

Hi Claude, build an MCP server on Cloudflare Workers
1 day ago
SentinelOne

The Good, the Bad and the Ugly in Cybersecurity – Week 51
1 day ago
The Akamai Blog

Major Enhancements to Akamai API Security, Q4 2024
1 day ago
Arbor Networks Threat Intelligence

2024 DDoS-for-Hire Landscape Part 7
1 day ago
Tenable Blog

Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While Threat from North Korean IT Workers Gets the Spotlight
1 day ago
Cisco Blog » Security

Strengthening Docker Security: Best Practices for Resilient Containers
1 day ago
Imperva Cyber Security Blog

Navigating the New Era of AI Traffic: How to Identify and Block AI Scrapers
1 day ago
AWS Security Blog

AWS completes the CCCS PBHVA assessment with 149 services and features in scope
1 day ago
Heimdal Security Blog

Free & Downloadable Vendor Risk Assessment Template
1 day ago
Palo Alto Networks Blog

Cybersecurity Trends on the Horizon Across APAC for 2025 and Beyond
3 days ago
Recorded Future

Fraud Funding Terrorism? The Cost of Missing Sanctioned Connections in a Globalized Fraud Ecosystem
3 days ago
Darktrace Blog

Phishing Attacks Surge Over 600% in the Buildup to Black Friday
2 weeks ago
Darktrace Blog

Phishing Attacks Surge Over 600% in the Buildup to Black Friday
2 weeks ago
ClearSky Cybersecurity

CVE-2024-43451: A New Zero-Day Vulnerability Exploited in the wild
5 weeks ago
We Live Security » Languages » English

Life on a crooked RedLine: Analyzing the infamous infostealer’s backend
1 month ago
Fooling the Interpreter

Bypassing Whitelists With XSS Payloads in Attributes
2 months ago
TaoSecurity

What Are Normal Users Supposed to Do with IDS Alerts from Network Gear?
2 months ago
Check Point Blog

Hispanic Heritage Month Spotlight: Bill Diaz
3 months ago
Liquidmatrix Security Digest

Liquidmatrix Security Digest Podcast – Episode 7E
4 months ago
Postmodern Security

Let’s Stop the Security Shaming
6 months ago
Errata Security

C can be memory safe, part 2
10 months ago
Packet Pushers - Briefings In Brief

NB452: Cisco Makes You Feel Vulnerable; Broadcom 25.6Tbps Routing ASIC Targets Custom Silicon; China Mandates IPv6
1 year ago
Naked Security

Update on Naked Security
1 year ago
Anomali Blog

Anomali Cyber Watch: Cadet Blizzard - New GRU APT, ChamelDoH Hard-to-Detect Linux RAT, Stealthy DoubleFinger Targets Cryptocurrency
1 year ago
Securosis Highlights

The THIRTEENTH Annual Disaster Recovery Breakfast: Changing of the Guard
1 year ago
blog.trendmicro.co.uk

Delivering visibility, control and simplified security to Bathgate Group
2 years ago
TrendLabs Security Intelligence Blog

Finest Free Torrenting VPNs
3 years ago
AlienVault Blogs

This feed has moved and will be deleted soon. Please update your subscription now.
3 years ago
Carbon Black

VMware Carbon Black Delivers High-Fidelity Insight at Every Step of MITRE Engenuity ATT&CK® Evaluation
3 years ago
CipherCloud

CipherCloud and Lookout Blaze a New Path Together – Redefining Security from Endpoint to Cloud
3 years ago
Inside The Threat Blog by Lancope

This feed has moved and will be deleted soon. Please update your subscription now.
4 years ago
Skybox Security Blog – Cybersecurity from The Skybox View

Salt Vulnerabilities Exploited with Targeted Cryptomining Attack on DigiCert
4 years ago
Zscaler Research

Frenchy – Shellcode in the Wild
4 years ago
Cisco Blog » Threat Research

C2 With It All: From Ransomware To Carding
5 years ago
Preempt Blog

Why Insider Threat Denial is Everyone’s Problem
5 years ago
Network Security Blog

Lucky Break
6 years ago
Threat Research

BIOS Boots What? Finding Evil in Boot Code at Scale!
6 years ago
Threat Intelligence

Lojack Becomes a Double-Agent
6 years ago
Fortinet Blog

Securing the Network: What Three Key Verticals Require
6 years ago
Cyphort

Equifax Breach: The News We All Dreaded to Hear.
7 years ago
Speaking of Security - The RSA Blog and Podcast

A Security Decision – Build or Buy
7 years ago
Metasploit

Metasploit Wrapup
7 years ago
Threat Geek

Reducing Detection from Months to Minutes: Detecting Credentials in the Clear
7 years ago
Lockheed Martin Cybersecurity Blog

How Threat Intelligence Can Increase an Organization’s Cybersecurity Maturity
8 years ago
iSIGHT Partners

ThreatScape Media Highlights Update – Week Of June 8th
8 years ago
LogRhythm: The Dialog - The Security Intelligence Company

Getting Started with Threat Intelligence
9 years ago
IBM Internet Security Systems Internet Threat Information

Multiple Adobe Flash Player code execution vulnerabilities
9 years ago
Our Blog | Core Security
Comments on: The Top 10 AlgoSec Blog Posts From 2018
Farsight Security Blog
Trustwave Newsroom
Cylance Blog

Show 10 Show All

Blog Archive

► 2020 (2)
- ► May (2)

► 2019 (35)
- ► December (2)
- ► November (2)
- ► October (6)
- ► September (5)
- ► August (1)
- ► June (1)
- ► February (4)
- ► January (14)

► 2018 (4)
- ► December (2)
- ► September (1)
- ► April (1)

▼ 2017 (6)
- ▼ August (5)
- ► July (1)

► 2016 (1)
- ► January (1)

► 2015 (4)
- ► September (4)

► 2013 (3)
- ► April (1)
- ► March (1)
- ► February (1)

About Me

Tony Brown: Enterprise Security Solutions Architect at global service provider. CCIE #8767. CISSP. Chartered Engineer. MSc. in Information Security. CCDE 2011:6 Chartered IT Professional. Member of the Institute of Information Security Professionals. Blah blah blah

View my complete profile

Awesome Inc. theme. Powered by Blogger.