Security Intelligence

Archive

The Security Engineering Research Team (SERT) routinely publishes threat intelligence that is relevant to IT and security-minded professionals alike. We invite you to check back here regularly to view the latest publications by SERT.

SERT Report: Exploit Kits - v1.0

February 01, 2013

A current inventory of the most popular exploit kits, the common payloads deployed and the targeted vulnerabilities.

Hunting Malware with Memory Analysis

December 13, 2012


Packet Wrangling 101: Building your own Packet Analyzer

December 11, 2012

See how to produce a program that could extract and decode specific information obtained from a packet capture by combining programming and packet analysis. Moving forward, the possibilities are endless — from identifying reconnaissance and attack methods, to protocol anomaly detection. All of this can be identified using the very tools discussed here.

SERT Awareness Report: BlackHole Exploit Kit, Banking Trojans and ACH Transfers

October 03, 2012

This timely report provides a brief description of how Distributed Denial of Service (DDoS) attacks are used to hide transactions or prevent the stoppage of transactions. SERT has also provided some common recommendations for identifying and possibly preventing malicious attackers from deploying the first stages of attacks as well as preventative measures that can be taken to reduce the effects of DDoS attacks.


GTIR

The report provides findings, case studies and recommendations to help reduce the threat mitigation timeline.


View the latest security bulletins and advisories from MAPP Partners

Each month, Microsoft releases a new security bulletin containing the latest security announcements from Microsoft Active Protections Program (MAPP) partners. View the latest security bulletins and advisories on the Microsoft TechNet site.