Nitol Botnet: You Will Never Break The Chain
Nitol versus Michelangelo: the supply chain is much more than the production line.
SC Magazine
AMTSO's New Direction (and some resources updates)
AMTSO's discussions on its own new directions, and updates to its testing-related resources.
Free Anti‑virus: Worth Every Penny?
Why you really might prefer to pay for AV security. Free Fall or Free-for-All?
VirusTotal, Useful Engines, and Useful AV
The paper by Julio Canto and myself on the use and misuse of multi-scanner malware-checking resources like VirusTotal is now available.
Great Expectations and the Grim Reaver
WPS, Reaver, and what you can expect from anti-virus by way of vulnerability scanning
Facebook Likes and cold‑call scams
Many companies and sites offering support are basing their appeal to visitors to their web sites on bona fides that are pretty difficult to verify.
Virtualization & Conferencing
David Harley is taking part in the keynote session (11.00-12.00 EST) on "APT: Real Threat or Just Hype" at US Infosecurity's Virtual Conference on November 8th.
New white paper & presentations, and an SC Mag article
A new conference paper, two conference presentations, and an article for SC Magazine.
Not all Facebook threats are hoaxes…
...the finding that 52% of respondents felt that increased use by their employees of social media had resulted in an increase in attacks from malware seems to me both interesting and significant...
Facebook, the natural home of the hoax
You may have noticed a lot of excitement about Facebook's latest attempts to prune your privacy, and you'll probably see more commentary on this blog. Here's something a little different: a good old-fashioned chainletter that seems to be flourishing despite all its logical flaws. The story is at SC Magazine's Cybercrime Corner, to which I
SSL: Threatened by a BEAST of Prey
SSL isn't hopelessly broken, but the widespread use of TLS 1.0 means that SSL cannot be regarded as fully "secure"
The Dirt on Certs
Róbert Lipovský and I put our heads together and posted a joint article to SC Magazine's Cybercrime Corner on "Dead Certs?"
RIP Anti‑Virus (Again)
As you might expect, I don't by any means agree that AV is a dead parrot, though I'm not going to claim that it detects everything (or anywhere near that) either.
Social media: information wants to be free…
…but it doesn't necessarily want you to be free. Since Cameron Camp and I have written here and here about the implications of the UK government's meditations on curbing civil unrest by curbing social media services, it's interesting to see that the estimable Kim Davis, who previously categorized UK Prime Minister David Cameron's pronouncements as bluster, has also
Cybercrime Corner Revisited
You may be aware that Cameron Camp and I regularly write articles for SC Magazine's Cybercrime Corner: here here's a catch-up list of the most recent, in the hope that you might find them of use and interest. At any rate, it'll give some idea of the range of content covered. Ten years later, still the same
Comment Spam: what’s in a name?
...I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog...
Hacktivism: not a get‑out‑of‑jail card?
What we're lacking here is a clear differentiation between types of "hacktivist" or, indeed, "activist": much of the commentary that's around at the moment seems to assume that all hacktivists are the same.
SCADA still scary
"Infrastructure Attacks: The Next Generation?" now includes the speaker notes, which hopefully makes it more interesting and useful.
The Next Stuxnet
...the 'next Stuxnet' probably won't be any such thing, whatever we may choose to call it...
Why the IMF breach?
In the absence of any detailed information from the IMF itself, it's not surprising that most of the surmise around the attack is based on internal IMF memos quoted by Bloomberg, and much of it is rather tenuous.