I thought the CIA's "best practices" for coding malware were interesting. It's basically a list of things you have to consider when dealing with a sophisticated attacker. Basic audit features aren't enough if your data and systems present an attractive target. … [Read more...]