Browse by Tags
All Tags »
Security (RSS)
Setbacks and Triumphs The domain registration task became exponentially more challenging on March 4, 2009, with the discovery of Worm:Win32/Conficker.D. Investigators reverse-engineered the new variant and determined that it was programmed to generate
Read More...
The Conficker Working Group Is Born In January 2009, representatives from a number of security research companies and domain registrars, along with the anti-botnet Shadowserver Foundation, began discussing how best to implement a defensive Domain Name
Read More...
One of my favorite stories in the recent edition of the Microsoft Security and Intelligence Report v7 , pp 29-32, is that of the story of Conficker. I thought I would repost it here because it illustrates the problem of Conficker and the way the industry
Read More...
Every 6 months or so, Microsoft releases its Security and Intelligence Report for the previous 6 months of the year. SIRv7 is now available here . This is a very comprehensive document covering topics from the entire threat landscape that
Read More...
Spoiler alert. This past weekend, I got a chance to watch the 4th installment in the Die Hard series, Live Free or Die Hard . I hadn’t seen the whole thing end-to-end before, only parts of it. It was nice to finally get a chance to see the
Read More...
MAAWG is an organization that started up in response to the spam problem. Its official name is the Messaging Anti-Abuse Working Group, and they are meeting this week in Philadelphia to discuss all things abusive. I didn’t go this time around,
Read More...
Last week, I commented on the the Gmail/Hotmail/Yahoo username and password leak. The question we now ask is whether or not we are seeing an increased amount of spam from those services. The folks from All Spammed Up recently posted that various
Read More...
I wasn’t going to comment on this until later, but the story is spreading; there’s a link off the Yahoo Canada homepage. 10,000 usernames and passwords were posted this past week, victims of a phishing scam. From Computerworld : If (technology
Read More...
I attended the Virus Bulletin 2009 conference this past week in Geneva, Switzerland and had a pretty good time there. I came away with a number of themes: Spam is not going to go away any time soon, but it is not the growth industry in internet
Read More...
Originally posted by Larry Seltzer of PCMag: There are probably several new malware variants out per hour somewhere around the world, but only a small fraction have impact.What distinguishes the truly effective malware from the great unwashed malware
Read More...
Is Windows insecure by design? In the Security and Intelligence Report, version 6 , Microsoft looks at security vulnerability disclosures. Vulnerabilities are weaknesses in software that allow an attacker to compromise the integrity, availability,
Read More...
As I was saying in my other post, I take issue with the claim that Windows is insecure by design. Is this actually true? It is a perception that certainly resonates within the software community, particularly among Mac and Linux users.
Read More...
One of the stories going around the web is the discovery of a botnet that spreads on infected systems running the Linux operating system. The reason that this is a big deal is because historically, computers running Windows have been the most likely victims
Read More...
This morning, while driving into work, I heard an advertisement on the radio from a major bank. The premise of the commercial was that a father instructed his daughter to use his bank account wisely. Either he gave her a credit card, or he
Read More...
One of the things I frequently find myself on the lookout for is real life security breaches and the trust model. However, I also like to see how these things interact with technology and psychology. Part of the problem with spam is that the protocol
Read More...
