Information Security

Posts related to information security, including news, tutorials, malware analysis, and threat intelligence.

How the Parler data was legally acquired by activists

The Parler data dumps you've heard were obtained legally. Here's how they did it.

January 13, 2021

How to forward a forensic copy of an email as an attachment

If you receive a fraudulent email, can be very useful to send a full forensic copy to an organization that…

August 28, 2019

How to view email headers

Email headers contain very useful information for tracing a message's origin and troubleshooting its delivery. Email headers are written with…

August 27, 2019

Proofpoint is forcing their customers to pay for Email Fraud Defense to get aggregate DMARC data from their own gateways

I have written extensively about the DMARC email security standard, including publishing a comprehensive guide on how to implement it,…

June 4, 2019

Emotet malspam campaign exploits reliance on magic for file type detection

Emotet is a Trojan designed to steal banking information. It is frequently spread by sending phishing emails to governments, banks,…

January 26, 2019

How to inspect the certificate of a mail server over a CLI

If you ever need to inspect the certificate of a remote SMTP server, you can use the openssl CLI tool.…

November 29, 2018

Demystifying DMARC: A guide to preventing email spoofing

DMARC can stop spoofed spam and phishing from reaching you and your customers, protecting your information security and your brand.…

June 15, 2018

Lessons Learned from the US Federal Government’s Ongoing Deployment of SPF and DMARC

SPF and DMARC are standards that describe how the origins of email messages should be verified, to prevent email spoofing.…

January 1, 2018

How to install YARA and write basic YARA rules to identify malware

YARA is described as "The pattern matching Swiss knife for malware researchers (and everyone else)". Think of it as like…

June 15, 2017

WannaCry ransomware analysis: Samples date back to at least early February 2017

The WannaCry ransomware worm has spread panic and destruction as it infects hundreds of thousands of systems around the world;…

May 18, 2017