A screenshot of a VirusTotal results page showing a detection rate of 10/58 for a Emotet dropper document

Emotet malspam campaign exploits reliance on magic for file type detection

Emotet is a trojan designed to steal banking information. It is frequently spread by sending phishing emails to governments, banks, healthcare organizations, and schools. The phishing emails will o...

Jan 25, 2019 Information Security, Reverse Engineering Malware

How to inspect the certificate of a mail server over a CLI

A tiny guide to using the openssl CLI tool to inspect and/or save the SSL.TLS certificates used by mail servers

Nov 29, 2018 Guides

A screenshot of a pre-made aggregate/summary DMARC dashboard in ELK using data from ParseDMARC

Demystifying DMARC: A guide to preventing email spoofing

Learn how the SPF, DKIM, DMARC email authentication standards work together to prevent unauthorized email spoofing — and how to use open source tools to deploy DMARC for free

Jun 15, 2018 Guides, Information Security

How to compile and install FFmpeg on Debian/Ubuntu

A guide to building and installing FFmpeg 4,0 from source as a custom Debian package on Debian/Ubuntu systems, without conflicting with downstream dependencies

Jun 4, 2018 Guides

An image of handicapped parking by Shawn Campbell

Stop the ADA Education and Reform Act

The ADA Education and Reform Act of 2017 allows business to ignore ADA requirements until a notification is sent by a disabled person, and denies persons with disabilities their right to due proces...

Feb 10, 2018 Healthcare, Politics

Two soldiers process mail in a US Army Forward Operating Base Mailroom

Lessons Learned from the US Federal Government's Ongoing Deployment of SPF and DMARC

An explanation of SPF and DMARC best practices, using results from checkdmarc scans of US Government domains as a case study, as federal agencies work towards fully implementing the cyber hygiene a...

Jan 1, 2018 Information Security

A screenshot of a YARA rule with syntax highlighting

How to install YARA and write basic YARA rules to identify malware

A complete YARA guide, covering installation, practical examples for writing YARA rules, and using YARA to identify, sort, and collect malware samples

Jun 15, 2017 Guides, Information Security

A screenshot of xeyes running on Bash on Ubuntu on Windows 10 WSL

How to run graphical Linux applications on Windows 10 using the Windows Subsystem for Linux (WSL) 1.0

A step-by-step guide on installing Bash on Ubuntu on Windows, with additional steps for running graphical Linux applications.

Jun 11, 2017 Guides

VirusTotal results showing the earliest observed sample of Wannacry ransomware

WannaCry ransomware analysis: Samples date back to at least early February 2017

Information on the spread, mitigation, and patch details of WannaCry, The ransomware that has shut down organizations around the world.

May 18, 2017 Information Security

user manually enables "Ok Google" Trusted Voice

Google Pixel phones can be unlocked with a recording of a trusted voice by default

Trusted Voice is enabled on Google Pixel phones by default, allowing anyone with a recording of you saying "Ok Google" to unlock your phone.

Oct 23, 2016 Information Security