Article: Distribute Cybersecurity Tasks with Diffusion of Responsibility in Mind - published about 1 year ago.
Content: The notion that security is everyone’s responsibility in computer systems dates back to at least the early 1980s when it was included in a US Navy training manual and hearings in the US House of Representatives. Behind the pithy slogan is the idea that every person in the organization contributes to its security program. Even if the company has employees wi...
Copy Link: https://zeltser.com/distribute-cybersecurity-tasks/   
Published: 2023 11 03 17:46:53
Received: 2023 11 03 18:04:38
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published over 1 year ago.
Content: As the CISO at a tech company, my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the software de...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2023 10 05 20:04:15
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: A Report Template for Incident Response - published over 1 year ago.
Content: Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well. We created suc...
Copy Link: https://zeltser.com/incident-response-report-template/   
Published: 2023 09 13 14:39:17
Received: 2023 10 05 19:04:20
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How Security Can Better Support Software Engineering Teams - published over 1 year ago.
Content: As the CISO at a tech company (Axonius), my responsibilities include empowering our software engineering teams to maintain a strong security posture of our products. While everyone agrees that security is important, the different incentives of security and engineering teams can make it harder to collaborate. Here's some advice on weaving security into the s...
Copy Link: https://zeltser.com/securing-software-products/   
Published: 2023 10 05 18:53:35
Received: 2023 10 05 19:04:20
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Security Leaders Can Lower Expenses While Reducing Risk - published over 1 year ago.
Content: As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how. Start by critically reviewing how you’ll spend t...
Copy Link: https://zeltser.com/lower-cybersecurity-expenses-reduce-risk/   
Published: 2023 08 23 11:14:00
Received: 2023 09 13 14:43:44
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: A Report Template for Incident Response - published over 1 year ago.
Content: Preparing for cybersecurity and data privacy incidents involves creating checklists and documented plans to enable the response team to do their best during the incident. Preparation also includes creating a template that the team can use as the basis for the incident report, which is critical to ensuring that the incident is handled well. We created suc...
Copy Link: https://zeltser.com/incident-response-report-template/   
Published: 2023 09 13 14:39:17
Received: 2023 09 13 14:43:44
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published over 1 year ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 09 06 15:43:59
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Withholding Single Sign-On from SaaS Customers is Bad for Business and Security - published over 1 year ago.
Content: Despite years of public shaming by security professionals, some SaaS vendors only offer Single Sign-On (SSO) in high-end "enterprise" product tiers. By withholding this capability from smaller organizations, they put customers' security at risk. Moreover, such vendors base a pricing strategy on a weak signal and miss an opportunity to lower their own securi...
Copy Link: https://zeltser.com/witholding-sso/   
Published: 2023 05 26 01:32:06
Received: 2023 08 23 11:24:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Security Leaders Can Lower Expenses While Reducing Risk - published over 1 year ago.
Content: As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how. Start by critically reviewing how you’ll spend t...
Copy Link: https://zeltser.com/lower-cybersecurity-expenses-reduce-risk/   
Published: 2023 08 23 11:14:00
Received: 2023 08 23 11:24:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: REMnux Tools List for Malware Analysis - published over 4 years ago.
Content: REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you...
Copy Link: https://zeltser.com/remnux-tools-list/   
Published: 2020 10 13 16:14:40
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published about 4 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Ask Questions to Succeed with Security Projects - published over 3 years ago.
Content: No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don't want to appear ignorant or don't know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read the posts to lear...
Copy Link: https://zeltser.com/how-to-ask-questions-to-succeed-with-security-projects/   
Published: 2021 10 14 14:53:00
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Cybersecurity: No Longer the “Department of No” - published about 2 years ago.
Content: Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn't become the department of "no"? We’re often in the position of having to deny people's requests. Our colleagues want t...
Copy Link: https://zeltser.com/cybersecurity-vs-everyone/   
Published: 2022 12 30 17:40:37
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Shift Your Mindset from Conflict to Collaboration to Succeed in Security - published almost 2 years ago.
Content: In the two decades I've spent in cybersecurity, I've observed and experienced the fighting spirit of security professionals: When tasked with safeguarding information assets, we envision ourselves erecting defenses to keep threat actors at bay, or we emulate malicious actions to find flaws in the organization's security measures before attackers exploit the...
Copy Link: https://zeltser.com/shift-your-mindset-from-conflict-to-collaboration-to-succeed-in-security/   
Published: 2023 03 29 14:24:13
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Untangling the Complexity of SaaS Ownership in the Enterprise - published over 1 year ago.
Content: Before SaaS, employees had to rely on IT and other teams to procure software, which gave the organization a direct way of controlling such purchases and deployments. Now, employees can sign up for SaaS applications without involving anyone in the company. All it takes is a few clicks and (sometimes) a credit card for people to start using such products. In ...
Copy Link: https://zeltser.com/untangling-saas-complexity/   
Published: 2023 04 27 21:36:16
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: As a CISO, Are You a Builder, Fixer, or Scale Operator? - published over 1 year ago.
Content: When contemplating the next step in your career as a cybersecurity leader, understand what you do best and what you enjoy doing. Figuring this out will help you identify organizations and projects that will benefit from your superpowers and accelerate your growth as a professional. As an added bonus, you’ll be more effective in communicating how you bring v...
Copy Link: https://zeltser.com/builder-fixer-scale-operator/   
Published: 2023 05 10 16:20:17
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published over 1 year ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Three Ways CISOs Can Drive More Meaningful Collaboration - published over 1 year ago.
Content: Today’s CISOs are more than technologists—we strive to make ourselves well-rounded business leaders. This involves aligning our efforts with business objectives and collaborating with colleagues who are not experts in IT or security. In fact, Gartner’s research found that top-performing CISOs regularly meet with three times as many non-IT stakeholders as th...
Copy Link: https://zeltser.com/cisos-and-collaboration/   
Published: 2023 05 16 01:41:38
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Withholding Single Sign-On from SaaS Customers is Bad for Business and Security - published over 1 year ago.
Content: Despite years of public shaming by security professionals, some SaaS vendors only offer Single Sign-On (SSO) in high-end "enterprise" product tiers. By withholding this capability from smaller organizations, they put customers' security at risk. Moreover, such vendors base a pricing strategy on a weak signal and miss an opportunity to lower their own securi...
Copy Link: https://zeltser.com/witholding-sso/   
Published: 2023 05 26 01:32:06
Received: 2023 08 21 14:03:21
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Three Ways CISOs Can Drive More Meaningful Collaboration - published over 1 year ago.
Content: Today’s CISOs are more than technologists—we strive to make ourselves well-rounded business leaders. This involves aligning our efforts with business objectives and collaborating with colleagues who are not experts in IT or security. In fact, Gartner’s research found that top-performing CISOs regularly meet with three times as many non-IT stakeholders as th...
Copy Link: https://zeltser.com/cisos-and-collaboration/   
Published: 2023 05 16 01:41:38
Received: 2023 05 16 01:44:30
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Let’s Address the Cybersecurity Careers Gap - published over 1 year ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 05 13 14:44:20
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Address the Cybersecurity Careers Gap - published over 1 year ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which we might cal...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 05 13 01:04:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Tackle the Cybersecurity Careers Gap - published over 1 year ago.
Content: Too many people are unsure how to enter or grow in the cybersecurity industry. It's a relatively young field, and we haven’t done a good job of defining what it means to have a career in it. Hiring managers who are worried about finding candidates because of the much-discussed cybersecurity skills gap should consider the underlying issue, which I'd like to ...
Copy Link: https://zeltser.com/cybersecurity-careers-gap/   
Published: 2023 05 12 00:39:43
Received: 2023 05 13 00:44:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: As a CISO, Are You a Builder, Fixer, or Scale Operator? - published over 1 year ago.
Content: When contemplating the next step in your career as a cybersecurity leader, understand what you do best and what you enjoy doing. Figuring this out will help you identify organizations and projects that will benefit from your superpowers and accelerate your growth as a professional. As an added bonus, you’ll be more effective in communicating how you bring v...
Copy Link: https://zeltser.com/builder-fixer-scale-operator/   
Published: 2023 05 10 16:20:17
Received: 2023 05 10 16:24:17
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Untangling the Complexity of SaaS Ownership in the Enterprise - published over 1 year ago.
Content: Before SaaS, employees had to rely on IT and other teams to procure software, which gave the organization a direct way of controlling such purchases and deployments. Now, employees can sign up for SaaS applications without involving anyone in the company. All it takes is a few clicks and (sometimes) a credit card for people to start using such products. In ...
Copy Link: https://zeltser.com/untangling-saas-complexity/   
Published: 2023 04 27 21:36:16
Received: 2023 05 05 21:04:39
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Cybersecurity: No Longer the “Department of No” - published about 2 years ago.
Content: Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn't become the department of "no"? We’re often in the position of having to deny people's requests. Our colleagues want t...
Copy Link: https://zeltser.com/cybersecurity-vs-everyone/   
Published: 2022 12 30 17:40:37
Received: 2023 04 18 15:24:13
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Set Up a SpiderFoot Server for OSINT Research - published almost 5 years ago.
Content: SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool's author, offers a free, open source version of SpiderFoot. His team also provides an affordable...
Copy Link: https://zeltser.com/spiderfoot-server-setup/   
Published: 2020 04 17 01:10:28
Received: 2023 04 14 15:03:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Learning Malware Analysis and Cybersecurity Writing Online - published almost 5 years ago.
Content: You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You'll like this if you prefer to start, stop, or speed up training any time they want or who need the flexib...
Copy Link: https://zeltser.com/malware-analysis-and-writing-online-training/   
Published: 2020 04 20 03:31:40
Received: 2023 04 14 15:03:24
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Unemployment Insurance Fraud and Identity Theft: Up Close and Personal - published over 4 years ago.
Content: In June 2020, the Federal Trade Commission (FTC) warned that "imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims." How do such scams look from the victim's perspective, and what can you do if you're affected? As a victim of this scheme, I'd like to share my experien...
Copy Link: https://zeltser.com/unemployment-fraud-and-identity-theft/   
Published: 2020 07 02 03:24:04
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Version 7 of the REMnux Distro Is Now Available - published over 4 years ago.
Content: 10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual applianc...
Copy Link: https://zeltser.com/remnux-v7-release/   
Published: 2020 07 22 13:51:50
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published about 4 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Ask Questions to Succeed with Security Projects - published over 3 years ago.
Content: No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don't want to appear ignorant or don't know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read the posts to lear...
Copy Link: https://zeltser.com/how-to-ask-questions-to-succeed-with-security-projects/   
Published: 2021 10 14 14:53:00
Received: 2023 04 14 15:03:23
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Shift Your Mindset from Conflict to Collaboration to Succeed in Security - published almost 2 years ago.
Content: In the two decades I've spent in cybersecurity, I've observed and experienced the fighting spirit of security professionals: When tasked with safeguarding information assets, we envision ourselves erecting defenses to keep threat actors at bay, or we emulate malicious actions to find flaws in the organization's security measures before attackers exploit the...
Copy Link: https://zeltser.com/shift-your-mindset-from-conflict-to-collaboration-to-succeed-in-security/   
Published: 2023 03 29 14:24:13
Received: 2023 04 14 15:03:22
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Cybersecurity vs. Everyone - published about 2 years ago.
Content: Cybersecurity leaders not only go against threat actors to defend the organization but also find themselves at odds with other business executives. How can we avoid fighting everyone? What does it take to ensure the security team doesn't become the department of "no"? In the following conversation with Chris Cochran and Ron Eddings at Hacker Valley, I di...
Copy Link: https://zeltser.com/cybersecurity-vs-everyone/   
Published: 2022 12 30 17:40:37
Received: 2022 12 30 17:42:57
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Top 10 Cybersecurity Writing Mistakes - published over 5 years ago.
Content: Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes I've encountered when working as a cybersecurity professional. The mistakes you'll see in this video—and the practical tips for avoiding them—span the key aspects of technical writing: structure, look, words, tone, and informat...
Copy Link: https://zeltser.com/cybersecurity-writing-mistakes/   
Published: 2019 10 05 01:00:36
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: What’s It Like for a New CISO? - published almost 5 years ago.
Content: As of this writing, I've spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly growing technology company. Though I've held a variety of leadership positions over the years, working in this capacity and setting is new for me. I've been capturing aspects of my journey in talks and articles so that others might learn ...
Copy Link: https://zeltser.com/new-ciso-impressions/   
Published: 2020 02 13 16:38:59
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Set Up a SpiderFoot Server for OSINT Research - published almost 5 years ago.
Content: SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool's author, offers a free, open source version of SpiderFoot. His team also provides an affordable...
Copy Link: https://zeltser.com/spiderfoot-server-setup/   
Published: 2020 04 17 01:10:28
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Learning Malware Analysis and Cybersecurity Writing Online - published almost 5 years ago.
Content: You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You'll like this if you prefer to start, stop, or speed up training any time they want or who need the flexib...
Copy Link: https://zeltser.com/malware-analysis-and-writing-online-training/   
Published: 2020 04 20 03:31:40
Received: 2022 11 02 21:04:34
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Write Better Threat Reports - published over 4 years ago.
Content: Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I'm happy to share what I've learned over the years abo...
Copy Link: https://zeltser.com/write-better-threat-reports/   
Published: 2020 07 01 13:42:51
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Unemployment Insurance Fraud and Identity Theft: Up Close and Personal - published over 4 years ago.
Content: In June 2020, the Federal Trade Commission (FTC) warned that "imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims." How do such scams look from the victim's perspective, and what can you do if you're affected? As a victim of this scheme, I'd like to share my experien...
Copy Link: https://zeltser.com/unemployment-fraud-and-identity-theft/   
Published: 2020 07 02 03:24:04
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Version 7 of the REMnux Distro Is Now Available - published over 4 years ago.
Content: 10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual applianc...
Copy Link: https://zeltser.com/remnux-v7-release/   
Published: 2020 07 22 13:51:50
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: REMnux Tools List for Malware Analysis - published over 4 years ago.
Content: REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you...
Copy Link: https://zeltser.com/remnux-tools-list/   
Published: 2020 10 13 16:14:40
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published about 4 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Ask Questions to Succeed with Security Projects - published over 3 years ago.
Content: No matter the years of experience in cybersecurity, security professionals are often in situations where crucial details are missing. Yet, we often hesitate to ask questions because we don't want to appear ignorant or don't know what to ask. I captured my perspective on asking questions in a constructive way in a three-post series. Read the posts to lear...
Copy Link: https://zeltser.com/how-to-ask-questions-to-succeed-with-security-projects/   
Published: 2021 10 14 14:53:00
Received: 2022 11 02 21:04:33
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: The State of Malware Analysis: Advice from the Trenches - published over 5 years ago.
Content: What malware analysis approaches work well? Which don't? How are the tools and methodologies evolving? The following discussion--captured as an MP3 audio file--offers friendly advice from 5 malware analysts. These are some of the practitioners who teach the reverse-engineering malware course (FOR610) at SANS Institute: Jim Clausing: Security Architect at...
Copy Link: https://zeltser.com/state-of-malware-analysis/   
Published: 2019 09 26 13:45:48
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Top 10 Cybersecurity Writing Mistakes - published over 5 years ago.
Content: Want to strengthen your writing in under an hour? Watch the video I recorded to help you avoid the top 10 writing mistakes I've encountered when working as a cybersecurity professional. The mistakes you'll see in this video—and the practical tips for avoiding them—span the key aspects of technical writing: structure, look, words, tone, and informat...
Copy Link: https://zeltser.com/cybersecurity-writing-mistakes/   
Published: 2019 10 05 01:00:36
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: What’s It Like for a New CISO? - published almost 5 years ago.
Content: As of this writing, I've spent six months in the role of Chief Information Security Officer (CISO) at Axonius, a rapidly growing technology company. Though I've held a variety of leadership positions over the years, working in this capacity and setting is new for me. I've been capturing aspects of my journey in talks and articles so that others might learn ...
Copy Link: https://zeltser.com/new-ciso-impressions/   
Published: 2020 02 13 16:38:59
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How to Set Up a SpiderFoot Server for OSINT Research - published almost 5 years ago.
Content: SpiderFoot is a tool for gathering Open Source Intelligence (OSINT) and threat intelligence about IPs, domains, e-mail addresses, and other research targets from many data sources, including services such as Shodan and Have I Been Pwned. Steve Micallef, the tool's author, offers a free, open source version of SpiderFoot. His team also provides an affordable...
Copy Link: https://zeltser.com/spiderfoot-server-setup/   
Published: 2020 04 17 01:10:28
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Learning Malware Analysis and Cybersecurity Writing Online - published almost 5 years ago.
Content: You can now take my malware analysis and cybersecurity writing courses online in two formats at SANS Institute, depending on how you prefer to learn: OnDemand: Self-paced, recorded training with four months of access to course materials and labs. You'll like this if you prefer to start, stop, or speed up training any time they want or who need the flexib...
Copy Link: https://zeltser.com/malware-analysis-and-writing-online-training/   
Published: 2020 04 20 03:31:40
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Write Better Threat Reports - published over 4 years ago.
Content: Writing about cybersecurity threats, such as phishing campaigns, malware infections, and attack groups, is challenging for many reasons. How should you decide what details to include? How can you persuade the readers that your analysis is sound? How might you address the needs of multiple audiences? I'm happy to share what I've learned over the years abo...
Copy Link: https://zeltser.com/write-better-threat-reports/   
Published: 2020 07 01 13:42:51
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Unemployment Insurance Fraud and Identity Theft: Up Close and Personal - published over 4 years ago.
Content: In June 2020, the Federal Trade Commission (FTC) warned that "imposters are filing claims for unemployment benefits [in the US], using the names and personal information of people who have not filed claims." How do such scams look from the victim's perspective, and what can you do if you're affected? As a victim of this scheme, I'd like to share my experien...
Copy Link: https://zeltser.com/unemployment-fraud-and-identity-theft/   
Published: 2020 07 02 03:24:04
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: Version 7 of the REMnux Distro Is Now Available - published over 4 years ago.
Content: 10 years after the initial release of REMnux, I'm thrilled to announce that REMnux version 7 is now available. This Linux distribution for malware analysis includes hundreds of new and classic tools for examining executables, documents, scripts, and other forms of malicious code. To start using REMnux v7, you can: Download REMnux as a virtual applianc...
Copy Link: https://zeltser.com/remnux-v7-release/   
Published: 2020 07 22 13:51:50
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: REMnux Tools List for Malware Analysis - published over 4 years ago.
Content: REMnux® offers a curated collection of free tools for reverse-engineering or otherwise analyzing malicious software. How to find the right tool for the job, given how many useful utilities come as part of the distro? To guide you through the process of examining malware, REMnux documentation lists the installed tools by category. Each grouping, which you...
Copy Link: https://zeltser.com/remnux-tools-list/   
Published: 2020 10 13 16:14:40
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security

Article: How You Can Start Learning Malware Analysis - published about 4 years ago.
Content: Malware analysis sits at the intersection of incident response, forensics, system and network administration, security monitoring, and software engineering. You can get into this field by building upon your existing skills in any of these disciplines. As someone who's helped thousands of security professionals learn how to analyze malware at SANS Institute,...
Copy Link: https://zeltser.com/start-learning-malware-analysis/   
Published: 2021 01 06 16:09:04
Received: 2021 06 06 09:05:26
Feed: Lenny Zeltser
Source: Lenny Zeltser
Category: Cyber Security
Topic: Cyber Security