SANS Digital Forensics and Incident Response Blog: Category - Cyber Kill Chain

Inhibiting Malicious Macros by Blocking Risky API Calls

Microsoft Office Macros have been the bane of security analysts' lives since the late 1990s. Their flexibility and functionality make them ideal for malware authors to use as a primary stage payload delivery mechanism, and to date the challenge they pose remains unsolved. Many organisations refrain from blocking them completely due to the impact it … Continue reading Inhibiting Malicious Macros by Blocking Risky API Calls


Three Steps to Communicate Threat Intelligence to Executives.

As the community of security professionals matures there is a merging of the intel community, the incident response professionals, and security operations. One struggle folks have is how to make the threat intelligence actionable for the business. You have the large data from Recorded Future, yet, how do you apply the data in a practical … Continue reading Three Steps to Communicate Threat Intelligence to Executives.


CALL FOR PAPERS - SANS Cyber Threat Intelligence Summit 2017

Summit Dates: January 31, 2017 and February 1, 2017. Training Course Dates: January 25-30, 2017. Summit Venue: Renaissance Arlington Capital View Hotel — Arlington, VA. Deadline to Submit is July 29, 2016. To submit click here. This year the CTI Summit is going old school. CTI is a relatively new field, however … Continue reading CALL FOR PAPERS - SANS Cyber Threat Intelligence Summit 2017


A Threat Intelligence Script for Qualitative Analysis of Passwords Artifacts

The Verizon Data Breach Report has consistently said, over the years, that passwords are a big part of breach compromises. Dr. Lori Cranor and her team at CMU have done extensive research on how to choose the best password policies versus usability. In addition, Alison Nixon's research describes techniques to determine valid password of an organization … Continue reading A Threat Intelligence Script for Qualitative Analysis of Passwords Artifacts


SANS Cyber Threat Intelligence Summit - Call For Papers Now Open

SANS Cyber Threat Intelligence Summit Call For Papers 2015. Send your submissions to CTISummit@sans.org by 5 pm EST on Friday, October 24, 2014 with the subject "SANS CTI Summit CFP 2015." Dates: Summit Dates: February 2 & 3, 2015. Pre-Summit Course Dates: February 4-9, 2015. Location: Washington, DC. Our 3rd annual Cyber Threat Intelligence (CTI) Summit … Continue reading SANS Cyber Threat Intelligence Summit - Call For Papers Now Open