I published the following diary on isc.sans.org: “Automatic Hunting for Malicious Files Crossing your Network“: If classic security controls remain mandatory (antivirus, IDS, etc), it is always useful to increase your capacity to detect suspicious activities occurring in your networks. Here is a quick recipe that I’m using to detect
It became a daily action for most of us: We are looking for a piece of software which could improve our tasks. Google provides us thousands of links, we select the most attractive, download it and install it (there is no restriction in the users not the operating systems). That’s
In security, when you have to restrict access to “resources” (websites, files, IP addresses, ports, etc), you can deploy while or black lists. The term “white list” refers to a list of resources which are allowed or granted. At the opposite, a black list refers to resources which are denied
