Last Wednesday, Nov 17, the US China Economic and Security Review Commission released a wide-ranging report on China trade, capital markets, human rights, and other top issues.  Craig Labovitz has a good summary on his blog: Tucked away in the hundreds...

Well, I’ve currently got a bit of spare time at work so I thought I’d write up a blog post.  Last week, I alluded to Facebook’s new messaging platform and how it wouldn’t lead to the death of email.  The reason why it wouldn’t is because email...

Recently, Microsoft started packaging its free antivirus software Microsoft Security Essentials with its Windows Update service.  This is a smart move, right?  Users who don’t have any A/V protection would now have something and therefore they...

One of the things that has kept me busy the past few weeks (read: months) is outbound spam – again! No matter how many mitigations we put in place, it’s never enough. The current challenge that we are dealing with is compromised accounts...

Yesterday, Facebook announced that they were introducing a new messaging platform.  You can read all about it on a blog post here .  Facebook is careful to point out that this is not a replacement for email; it is not email, so they claim. ...

Ugh.  Sometimes I hate to be right. Three and a half years ago, when I was being asked for my thoughts about what I thought the next big spam vector would be, I said that it would be on cell phones.  My theory was that cell phone providers would...

Yesterday, I came across the following proverb: Where there are no oxen, the manger is empty, but from the strength of an ox comes an abundant harvest. Proverbs 14:4, NIV In context, this passage is saying that if you have an ox, you have to keep it somewhere...

This is a topic that I have written about before, but I will continue to write about it until I see a fundamental change in the industry. One of my hobbies, and it has been a hobby for years, is stock trading.  I like doing research on weekends and...

Following up from my post yesterday, I thought I would take a look at how spammy each particular TLD is.  At the moment, I only track 8 TLD’s - .cn, .ru, .com, .net, .org, .info, .biz and .name.  To check to see which one is the spammiest, I...

A couple of weeks ago, NetworkWorld published an article indicating that the .com TLD was the riskiest TLD in terms of containing code that can steal passwords or take advantage of browser vulnerabilities to distribute malware.  Here’s an excerpt...

Today, I had an interesting experience. I went to the bank today to deposit a couple of checks (or “cheques”, for my Canadian and UK readers).  I drove up to my bank, filled in the deposit slip, signed the back of checks, entered in the deposit envelopes...

Inspired by my previous post on measuring false positives , and spam effectiveness , I thought I’d take a look at how to measure incremental value. In our own organization, we are constantly tweaking things here and there.  If we push up the aggressiveness...

Some of the folks associated with the Microsoft Security Intelligence Report were recently interviewed and filmed.  They are sharing their thoughts around the recent SIR as well as providing some discussions around botnets.  I thought that I...

I’m a bit behind on writing about this, but last week the Bredolab botnet was infiltrated and shut down by Dutch police.  From PC World : A massive takedown operation conducted by Dutch police and security experts earlier this week does not appear...

Joseph Menn recently wrote a follow up article to his book Fatal System Error .  The book tells the story of an individual in the security industry who made the mistake of working with the local police, investigating cyber crime over in Russia. ...

A few weeks ago, I remarked that my Hotmail username and password had been compromised.  I had some theories about how it happened but couldn’t quite put my finger on it. Well, it happened again and once again, I am not sure how it happened. I was...