An Exploit Kit Was Sent To You
Unless you've got the world's best spam filter, you've probably seen one of the latest spam techniques used by malware-dropping bad guys: what appears to be an automated email informing you that a multi-function scanner/copier was used to send you a document. It's
Agile Security
Up until this past year, I had never included any marketing materials in my slides. It never seemed to fit in with a technical presentation, even though I always believed in the Sourcefire product line's ability to defend our customers in the face of a rapidly changing lands
Razorback 0.4.1 released
The Razorback team has released version 0.4.1 (yeah, we would have released 0.4, but we found some critical bugs that we really needed to fix before general release). You can find the new version of Razorback here: http://sfi.re/zQQOQ4. We've done a lot of work both on the
Android.Counterclank: Malware or Adware?
This weekend I noticed a ComputerWorld article titled "Massive Android malware op may have infected 5 million users". After reading, it seemed to be exactly the sort of thing many people have been suggesting - an increasingly large-scale outbreak of malicious activity i
A New Hope
Rep. Mike Rogers (R-MI) and Rep. Dutch Ruppersberger (D-MD) know a secret: The Federal government is REALLY good at watching people, much better than, say, the private sector. So they asked themselves (at least they did in my mind), "Why not share some of that information
Cross-Platform Single-Request Web Server DoS From CCC
Security never sleeps, even if it is the week between Christmas and New Year's, and most of you are on vacation, enjoying time with your family, or just goofing off because the office is empty. Today's reminder of that reality comes from Alexander Klink and Julian Walde,
Malware Mythbusting
The malware sandbox that I've previously discussed on this blog has made for a lot of useful Snort rules - but it's also helped get me some excellent speaking slots around the world this year. This time, I've just wrapped up a presentation titled "Malware Mythbus
Microsoft Security Advisory 2639658
Microsoft recently added a new initiative to its Microsoft Active Protection Program (MAPP), called the Advisory Initiative program, which gives partners up to 96 hours to provide protection for discovered vulnerabilities. Microsoft piloted the program with an advisory release on
Android Malware Analysis: A How-To
While mobile malware comprises only a tiny fraction of the overall landscape in terms of volume, it is fast becoming essential to address from an enterprise security standpoint. Unfortunately, very few people would even have a clue where to start if charged with analyzing a progr