Hi folks, it's Will. Recently I have been investigating man-in-the-middle (MITM) techniques for analyzing network traffic generated by an application. In particular, I'm looking at web (HTTP and HTTPS) traffic. There are plenty of MITM proxies, such as ZAP, Burp, Fiddler, mitmproxy, and...
Tracy Cassidy discusses CERT research on unintentional insider threat (UIT) with an emphasis on phishing and malware incidents.
In this blog post, Will Dormann discusses application downloads bundled with other software and how it affects your attack surface.
Diana Shick and Angela Horneman discuss Advanced Persistent Threat 1 (APT1).
Matt Collins describes the work involved in identifying and analyzing four insider threat IT sabotage patterns.