Measure and counter measure – malware and anti-malware
21 April 08 09:04 PM
There is a small, high-tech and rather geeky war going on and the battlefield is your PC. Like any war, each side is trying to learn from the other. This war is for the ownership of resources – and ultimately for money. Maybe most wars are. Let us look Read More...
Posted by marklon | 1 Comments
Please, put me out of a job here!
15 April 08 06:31 PM
Hello readers. I am sorry that I haven’t updated my blog for a while. It has been a bit of a busy time. Since there have been press releases and other people have blogged, I suppose that I can talk a bit about what I have been doing. As I have mentioned, Read More...
Posted by marklon | 2 Comments
Malware that wants to stay - Some passive protection tricks
20 March 08 08:31 PM
Hello again. I wanted to talk about some of the things that malware does to make itself hard to remove. Most Trojans are designed to work on an average XP workstation and make assumptions based on that – which typically breaks servers in rather nasty ways. Read More...
Posted by marklon | 0 Comments
Small glitch - MS08-017 for Office 2000 is not currently downloadable
12 March 08 04:29 PM
Hi folks. Just a quick heads up - we know that the link from the bulletin is broken. We had a problem with propagating out the file to the web farm (it is a big old webfarm) and so the file is not universally available just yet. We have a lot of operations Read More...
Posted by marklon | 0 Comments
Firewalls and old school attacks
07 March 08 08:55 PM
I saw a really old fashioned denial of service attack today. A customer was concerned that they were seeing odd ICMP packets. ICMP is the protocol used for pings. Very few system admins bother to monitor them because they are generally rather dull. However, Read More...
Posted by marklon | 1 Comments
I passed my CISSP exam
05 March 08 10:35 AM
Well, nothing like getting all of my news out of the way in one go. Because of my self imposed rule that all blogs must have some technical content: Most bots don't use hard coded IP addresses for their command and control mechanism. Sometimes the engine Read More...
Posted by marklon | 2 Comments
Testing times
03 March 08 06:21 PM
Hello all. I am sorry that I haven’t blogged for a while. It has been a bit of a busy time. After developing all that training (and I would love to be able to say who the audience were but I really can’t), I was on the receiving end of some for a change. Read More...
Posted by marklon | 1 Comments
Security Updates - Are they the answer?
12 February 08 01:23 PM
Ah, another “update Tuesday” – known to the rest of the world as “patch Tuesday” but we are not supposed to call it that. We have a fine crop of updates for you but I am not going to talk about those, partially because we won’t be releasing them for several Read More...
Posted by marklon | 2 Comments
Antimalware tools and tricks
21 January 08 04:50 PM
Ah, I am back in the office and settling in to my normal day to day work. I am fairly often asked to remove malware from systems which the anti-malware programs on that particular PC system can’t handle. In fairness, it is often not the AV products Read More...
Posted by marklon | 0 Comments
Don't you hate blogs which are updates with no technical content?
11 January 08 09:46 PM
I know that I do - but I don't want you to think that I have dropped off the face of the planet. The honest truth is that I have been stuck on a long term project which I can't really talk about. It is not "scary secret, Die Hard 4.0" stuff but it is Read More...
Posted by marklon | 1 Comments
Silent but not dead
29 November 07 07:00 PM
Hello all. I am sorry that I haven’t updated this blog for a while. I haven’t forgotten, just been busy on other things, most of which I can’t talk about to preserve customer confidentiality. In fairness, most of them were not that interesting in any case. Read More...
Posted by marklon | 0 Comments
Doing it yourself.
26 October 07 08:22 PM
Hello again. Two blogs in less than 48 hours? Whatever could be happening? No, this is not a reference to the issue documented in http://www.microsoft.com/technet/security/advisory/943521.mspx which is interesting but certainly not widely exploited in Read More...
Posted by marklon | 2 Comments
You can't get the staff – Social engineering
24 October 07 05:17 PM
Sometimes I like to talk about software engineering but today I would like to ramble on about a different subject: Social engineering. Social engineering is a common technique for getting malware on systems and of course, for Phishing. The “419 scam” Read More...
Posted by marklon | 4 Comments
Malware: mitigating maladies might matter
17 October 07 06:40 PM
Well, another update Tuesday done and dusted. We are not supposed to use the word "Patch". So, the question that I left you with was what could be done to make it safer to run on a compromised computer; that is to ask how could you mitigate the risks? Read More...
Posted by marklon | 1 Comments
Can you break Law #1 and get away with it?
24 September 07 04:20 PM
To save you scrolling down, let me restate Law #1 of the immutable laws of security: "If a bad guy can persuade you to run his program on your computer, it's not your computer anymore". Is there any possibility that it is safe to do business with a computer Read More...
Posted by marklon | 1 Comments