The fragility of transient identifiers
Let’s talk about the ‘Unfortunate History of Transient Numeric Identifiers’.
Tag: security
How to: Detect and prevent common data exfiltration attacks
Guest Post: Mitigate for APT threats with these best practices for detecting and preventing data exfiltration attacks.
Threat hunting with Yara: The red pill approach
Guest Post: Learn how to combine Yara with other tools to have full control over the condition validation process.
DNSSEC algorithms for TLDs (and everyone else)
Guest Post: Has the time come to phase out 1,024-bit RSA from the DNSSEC ecosystem?
Threat hunting with Yara: Dealing with wildcard hexadecimal patterns
Guest Post: Learn how to use Yara’s native hexadecimal pattern definition features to create fast rules with fewer false positives and no alarming nested loops.
What’s going on with certificate revocation?
Does X.509 certificate revocation work as intended, or even work at all?
Threat hunting with Yara: Measuring distance between any three elements
Guest Post: Learn how to use Yara’s math module and min/max functions to measure distance between patterns.
Threat hunting with Yara: The three body problem
Guest Post: Get to know how to use Yara with real-life research problems — detecting code evolution and shellcodes.
Resurrection of injection attacks
Guest Post: DNS transparency is a gaping hole in Internet security.
Authentication and authorization using SSO
Guest Post: How to use single sign-on to benefit technology selection and deployment.