tag:blogger.com,1999:blog-29665700202726831102012-01-17T09:41:04.558Zhack (Hæk) vb. 1. to write computer programs for enjoyment. 2. to gain access to a computer illegally. ~n 3. one who works hard at boring tasks. 4. a mediocre and disdained writer. 5. an old or worn-out horse.Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.comBlogger1671100tag:blogger.com,1999:blog-2966570020272683110.post-11985480034742182362012-01-17T09:41:00.000Z2012-01-17T09:41:04.587Z

A spam message sent to the mobile phone of a would-be suicide bomber caused a premature explosion. The accident happened on new year's eve in Moscow. The bomber, a woman believed to belong to a radical Islamist terror group, was killed but no one else was hurt. According to a report in The Telegraph, "Islamist terrorists in Russia often use cheap unused mobile phones as detonators." The

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-65431771884035064562012-01-12T12:44:00.001Z2012-01-15T10:40:05.471Z

Websense has released details of spammers using QR codes in what appears to be one of the least imaginative and, quite possibly, most ineffective scams I've seen in a long time. The Register picked up on the story a couple of days later, yesterday. QR threat or PR effort? Why is this a stupid scam? Because no one is going to fall for it. It is only interesting to the media because it uses

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-30749827304922424462012-01-12T12:06:00.001Z2012-01-12T12:06:40.202Z

F-Secure has produced a graphical summary that shows some of the most talked-about computer viruses. You can view the entire 'infographic' or download a high-resolution version from F-Secure's blog. To summarise, quickly, the history starts with Brain; runs through the likes of Melissa, Code Red and Love Letter (aka ILoveYou); and concludes with Stuxnet and Conficker. Interestingly the chart

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-40822236158485860542011-12-06T10:59:00.001Z2011-12-06T14:56:13.200Z

Porn, art or education? The Telegraph has reported that a UK ISP's new content filtering system has spectacularly failed to block a major hardcore pornographic website. TalkTalk's HomeSafe security product is supposed to block, "pornography, viruses and other potentially harmful content." However, "for more than a week the system has failed to restrict access to Pornhub, which offers

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-17656603150944672782011-11-30T11:13:00.001Z2011-12-01T10:13:24.507Z

Anti-malware or anti-virus tests can be very useful. Their results may help customers choose the product that is most suitable, which usually means a balance between the cheapest, easiest to use and most effective. However, there is a certain amount of suspicion that surrounds anti-virus testing in particular. I hope to address some of the issues here, at least from my own standpoint.

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-7876871755310138862011-11-30T09:50:00.001Z2011-11-30T10:04:06.507Z

One week ago Trevor Eckhart reported that HTC phones were loaded with secret software designed to monitor pretty much anything on a smartphone. The story of potential wholesale monitoring was disturbing and was made more so by the legal threats made against him at the time for disclosing the issue. Eckhart has now released video footage showing how the software is hidden and, most

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-9220485702755657142011-11-25T12:40:00.001Z2011-11-25T12:56:14.217Z

Stuxnet is one of the most interesting pieces of malicious code found in the last few years. It provides significant evidence that nation states are using computers to undermine each other. The well-made video below explains what Stuxnet is (a weapon in code form), what it did and poses some questions about the future. It suggests, incorrectly as far as I know, that the source code is

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-41945185612373343052011-11-24T09:52:00.001Z2011-11-24T10:23:08.884Z

Did a computer virus cause the explosion of an Iranian ballistic missile, capable of carrying a nuclear warhead? The story that is doing the rounds claims that on the 12th November 2011 a missile exploded in an Iranian army base. A number of Iranian officers and rocket experts were killed. The Stuxnet worm is considered to be the culprit. So far the facts seem rather vague, as the coverage

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-1986245147692618032011-11-23T15:52:00.001Z2011-12-01T10:12:30.256Z

Rootkit software is pre-installed on mobile handsets sold by major network operators. The software allows a remote administrator to spy on an individual, checking their location, what software they are running on the phone and what keys they are pressing. This news comes from Trevor Eckhart, who recently brought attention to a logging application that is pre-installed on HTC devices. That

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-85983213089281989332011-11-22T16:47:00.001Z2011-11-22T17:08:48.579Z

Big Brother is in your camera I've recently written a little about how cameras store information inside image files, and how this can be potentially dangerous (and also fodder for inaccurate scare-stories). While researching this subject, largely by glancing through other people's photos on photo-sharing site Flickr, I found that the amount of metadata stored by some modern cameras is quite

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-19130198853154356292011-11-22T12:08:00.001Z2011-11-22T12:25:44.212Z

A recent story in free London paper The Metro suggests that child abusers could locate victims by analysing images posted on Facebook. The claim is that locational metadata (specifically GPS coordinates) is retained in the image, which can then be viewed by anyone able to right-click and choose Properties. In the report Bradley Anstis from M86 Security Labs is quoted as saying that, "If your

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-38152969537186243832011-11-18T00:12:00.001Z2011-11-18T00:28:20.340Z

An engine exploding dueto unauthorised programming The following is an excellent video that demonstrates the potential impact of a cyber attack against 'real' systems, as opposed to hacking into computers and stealing data. What makes this four year-old video particularly interesting is that is clearly shows how accessing computer systems with malice can compromise safety, productivity and

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-82879092857858899372011-11-16T14:51:00.001Z2011-11-16T15:05:20.134Z

Eugene Kaspersky, of Kaspersky Lab fame, has published a short article on rootkits. It's not too technical for most to understand; it links to an interesting test of anti-virus software versus pre-installed rootkits; and it notes the easy availability of rootkits on the black market. Eugene writes that, "rootkits are not all bad/malicious," but that, "the general public has come to view this

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-1400281217636482752011-11-16T10:58:00.001Z2011-11-16T11:38:09.856Z

Researchers have found a way to open prison doors remotely from the internet. The discovery came hot on the heals of a strange event one Christmas eve, when all of the doors to a US prison's death row cells opened, apparently on their own. An investigation into this potentially disastrous event found that the problem was due to an electrical fault. However, further checks revealed that the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-40800697361150091192011-11-14T15:48:00.001Z2011-11-14T15:56:15.783Z

Ambulance workers had to allocated vehicles to incidents manually after a computer virus took down the automatic paging systems. The St John communication centres in New Zealand had to resort to using station phones and manually relaying information after the automatic alert system failed. According to a report by the Waikato Times, anti-virus software detected the threat and "protected the

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-33210513943652671332011-11-14T12:52:00.001Z2011-11-14T13:07:24.125Z

This plane is powered by UNIX You would hope that the passenger entertainment systems on aircraft were not connected to the systems controlling the engines. You might imagine that passengers would have no way to re-tune the engines in-flight, from the comfort of their seat. You might not want to read on. Security risk assessor Craig S. Wright claims to have audited the security of a Boeing

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-65287633139885420222011-11-14T11:37:00.001Z2011-11-14T12:26:52.918Z

Who took this picture, and where?Metadata might provide the answer. Uploading digital photos and video files can put more personal information online that you might expect. Modern digital cameras, particularly those used with smart phones and other mobile devices, often embed metadata into the media files. This can be useful. For example, you can tell what exposure settings were used, which

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-18375758263187167552011-11-14T11:16:00.001Z2011-11-14T11:28:00.847Z

This nice demonstration of a penetration test is notable for a few reasons. The attack all starts with a victim opening a PDF document. The same attack is shown to be possible when viewing a QuickTime video (at the end of the video). While some passwords are cracked (very fast), access to the Domain Controller is made possible by 'passing password hashes'. This technique does not require the

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-49034765088211023792011-11-10T16:48:00.000Z2011-11-10T20:40:02.852Z

Elk Cloner was the first virus to affect desktop computers Apple Mac personal computers are often said to be invulnerable to viruses. I've heard this claim from many Mac users as well as from the company itself. However, it just so happens that the very first known piece of malware was written for the Mac*. The Elk Cloner program was written by Rich Skrenta in 1982 (a year before Fred Cohen

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com3tag:blogger.com,1999:blog-2966570020272683110.post-56736439690289786162011-11-08T14:28:00.000Z2011-11-08T14:42:56.934Z

Even today security researchers run the risk of demonisation Security researchers used to be viewed with extreme suspicion but commonly they work with companies to fix problems, rather than cause them. Some IT firms have not quite entered into this spirit of cooperation. This year three separate cases have made the headlines. In April one researcher was threatened with legal action when he

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-46060445124731667202011-11-08T11:39:00.001Z2011-11-08T12:12:54.690Z

Charlie Miller sends a remote command to vibrate his iPhone A researcher has found a security hole that could allow unauthorised access to Apple iPhones. The embarrassing part of this news, for Apple, is that someone was able to sneak a potentially malicious application through its code auditing process. iPhone users rely on Apple to check through all third-party programs for security issues

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-66212323225910340972011-11-08T09:02:00.000Z2011-11-08T09:02:00.115Z

This video is a simulation of a worm infecting systems worldwide, as well as four networks configured with different security policies. The globe (left) represents the worm's progress across the world. The diagram (right) shows how it affects different types of network. The Sasser worm starts off slow but kicks into action halfway through the second day. Read about (and visualise) more

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-77021441691877079512011-11-07T13:55:00.000Z2011-11-07T13:59:20.290Z

Targeted advertising is very exciting if you are an advertiser, and somewhat spooky if you are the target. I've had many arguments with pro-targeted advertising people about how unacceptable normal people find it. Now Lisa Vaas has just written a piece about how hard people find it to opt-out of such systems. This prompts me to republish a column I wrote for Computer Shopper earlier this

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-69938323481093361652011-11-07T12:56:00.000Z2011-11-07T12:56:48.565Z

Rogue Android App stores are making Trojan applications available on purpose. Researchers have known for some time that malicious Android applications are often distributed via online stores other than Google's official Android Market service. This development is an interesting twist in which the entire alternative store is a scam. Any benefit of the doubt as to the stores' motives

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-7317812140764930542011-11-07T12:15:00.002Z2011-11-07T12:17:35.711Z

Shoulder surfing, Blade Runner style. Imagine a distopian world in which privacy did not exist and Big Brother was able to monitor everything you wrote down, even if you made sure there were no cameras behind you. Imagine the development of automatic surveillance systems able to pull data from your eyes. This is not the future. This is now (sort of). Researchers have investigated the

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-38636073536353378362011-11-07T11:02:00.003Z2011-11-07T11:04:28.221Z

This video is a simulation of a worm infecting a network. The two circles represent two different companies. When the malware infects a system within these companies a coloured blog turns red. Each company works in slightly different ways. The settings screen that appears at the beginning of the video shows how they differ. You can see how the differences affect the spread of the worm. In this

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-20756087082461087902011-10-31T09:54:00.000Z2011-10-31T09:54:12.982Z

A weakness in the way ATMs verify customers' personal ID numbers means that a corrupt bank worker could steal over £2m in one lunch hour. In a paper entitled Decimalisation table attacks for PIN cracking, Mike Bond and Piotr Zielinski note that there is a vulnerability in the way offline ATMs verify PINs. This vulnerability allows an attacker to successfully guess a PIN in 24 or even 15 attempts

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-64703346747294171702011-10-28T11:55:00.000+01:002011-10-28T11:59:56.530+01:00

When banks implement new online banking security measures they have a problem. They have to persuade customers that the often inconvenient new ways of accessing their accounts is actually for their own benefit. They do that by claiming that the new ways of doing things makes your money safer, which is surely for your own good. First let's look at chip authentication programmes, one of which is

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-25593935656603071262011-10-27T16:43:00.000+01:002011-10-27T17:53:51.394+01:00

As we start using the same types of devices, the online criminals will find their lives becoming less complicated. Macs are PCs running a different operating system. They have Intel processors in them these days, and have had for a around five years now, so there really is little difference. You can even install Windows on a Mac. The only reason you can't install Apple's OS X on a PC is

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-23785357839887240632011-10-27T15:58:00.000+01:002011-10-27T15:58:53.163+01:00

If you want to avoid a chunk of deeply unpleasant websites, you could compile a list of their URLs and put them in your computer's hosts file, pointing them to the localhost. This effectively blocks them. Dan Pollock has done the dirty work for you, so download the pre-configured hosts file and spare your eyes while also improving your computer security for free. I wish I'd had this the other

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-29717617884254146272011-10-27T11:19:00.000+01:002011-10-27T11:19:24.881+01:00

Last week I gave the début presentation of my anti-virus myths talk at the London International Technology Show. A few people have asked for access to the basic information that I used, so here it is. The talk lasted for around 40 minutes so this really is a bare-bones summary. Myth #1: Anti-virus protects 100% Real-world protection tests by Dennis Technology Labs (DTL) and other testers

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com1tag:blogger.com,1999:blog-2966570020272683110.post-89489532695833858592011-10-27T10:51:00.003+01:002011-10-27T10:51:25.318+01:00

Avira Premium Security Suite detected itself as a spy Trojan yesterday. More specifically, the anti-malware software generated a false positive on a DLL called aescript.dll, mis-classifying it as TR/Spy.463227. Avira claims that the problem can be fixed by running an update. In the last 24 hours the dodgy update affected over 10,000 users (see below).

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-43577864101481641932011-10-19T16:31:00.000+01:002011-11-14T14:49:43.351Z

This is not the QR code of death In July this year an inquisitive individual managed to create a QR code that crashed Google Authenticator on Android. Re-installation and deletion of data/keys was necessary. The "issue [was] caused by an invalid character '1' in the "secret" parameter in the URL encoded in the QR-code." A few more details, plus the offending QR code, are available on the

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-21172972361858106942011-10-19T16:08:00.000+01:002011-10-19T16:09:32.269+01:00

Unaccustomed as I am to public speaking... The accompanying multimedia extravaganza that will be my LITS presentation is a little more polished than my set of personal notes.

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-32953868463171387202011-10-19T15:42:00.000+01:002011-10-19T15:43:40.395+01:00

Speech recognition systems can delete your data and email porn to your Mum. When Windows Vista launched, Symantec produced a fun video showing how the in-built speech recognition system could be abused by a malicious website. Basically, a web page loads and plays an audio file containing instructions to delete data. Importantly speech recognition needed to be enabled, the speakers needed to be

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-65636370734466656392011-10-19T10:45:00.000+01:002011-10-19T16:08:57.595+01:00

On Friday I will be busting a few anti-virus myths at the London International Technology Show. We'll take a look at performance, both in terms of how much anti-virus software impacts a system's speed and its ability to protect against threats. We will also attempt to kill off a few platform prejudices (e.g. "I'm safe if I have a Mac"), explore common types of internet threats and reveal some

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-33576557776382821462011-10-18T17:14:00.000+01:002011-10-19T15:48:19.171+01:00

Want to run a penetration test but don't have the budget to call in a specialist group, nor the time to get to grips with the Metasploit console? Rapid7 has today launched Metasploit Community Edition, which combines the features of the free Metasploit Framework with a cut-down version of its commercial interface. Metasploit Pro provides a relatively simple interface to the powerful but complex

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-49967123280008755032011-10-14T17:48:00.001+01:002011-10-14T17:53:49.519+01:00

When you run real-world virus tests, it's best to use malware that people are really experiencing. That's what we do, but our approach is a little different to some. We find our own samples, independently of the anti-malware vendors. As a result, it's always interesting when we see research that suggests what the common threats are. These reports usually reflect our own findings, which is not

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-58718618917011660012011-10-06T13:48:00.000+01:002011-10-20T10:58:50.954+01:00

An Android Trojan is controlled remotely via 'command and control' (C&C) websites. Back in the days before Windows PC threats downloaded commands from websites a friend of mine, Stephen De Vries, predicted that just such a situation would occur. I think it was only a couple of months later before we started seeing that very behaviour. Many years later it seems that Android malware writers

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-67343833119734956102011-10-05T14:37:00.001+01:002011-10-05T14:37:57.969+01:00

I'm increasingly seeing anti-malware products that either automatically scan USB drives on insertion or that offer to do so. It has just come to my attention that Didier Stevens has written a script that can launch a program (like an virus scanner) when a USB drive is plugged in. So if you want this feature, your anti-virus doesn't have it and you use Windows then USBVirusScan is one solution.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-75090344191135831312011-10-05T14:26:00.000+01:002011-10-05T14:26:11.209+01:00

If your system becomes badly compromised by malware then one approach to fixing it is to boot from a read-only disk (such as a CD disc) and run a scanner from a safe, uninfected environment. Kaspersky provides a free bootable rescue CD that includes an anti-virus scanner. Other vendors do the same, but I mention Kaspersky here because a previous article, about an older version, is one of the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-60697424491860416192011-10-05T12:19:00.000+01:002011-10-05T12:19:24.121+01:00

Bletchley Park, wartime home of the Government Code and Cypher School, has received £4.6m from the Heritage Lottery Fund. The site, which is not too far from where I live, has been decaying for some time but it receives no external funding. Earlier this year Google provided some cash when it bought some of Alan Turing's papers. Bletchley Park is also home to The National Museum of Computing.

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-28557688592452778892011-10-05T11:47:00.000+01:002011-11-14T14:50:42.003Z

Buffer under/overflows #evilqr A paper on QR code security examines ways in which QR codes can be used to "attack both human interaction and automated systems." The document, published by Secure Business Australia, notes that while people may fall foul of phishing attacks automated systems "are most likely vulnerable to SQL injections and command injections." Two main approaches for attack are

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-57624209126364014962011-10-05T10:29:00.000+01:002011-11-14T14:50:02.624Z

They do what? #evilqr I recently noted the unsurprising potential for abuse that QR codes provide. One significant part of the problem is the QR code reader software itself. It may be vulnerable to exploits delivered directly by the QR code, for example. Or it might just take you to a potentially-hostile website without asking for permission. The code readers also have the potential to help,

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-26686610859311310302011-10-05T10:04:00.000+01:002011-10-05T10:10:59.581+01:00

Two easy-to-follow guides. Rapid7, the company that owns Metasploit, dropped by the lab yesterday to demonstrate some of its impressive products. This prompts me to list two excellent sources of information on how to actually use Metasploit. For those new to the software, you could do much worse than read the free Metasploit Unleashed online tutorials at Offensive Security. Additionally, the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-67166054136809332202011-10-04T13:48:00.001+01:002011-10-04T13:48:35.178+01:00

Linux developers have been asked to check their systems for signs of rootkits. The warning comes after Linux leaders discovered that important servers had been compromised. The advice given to developers is to re-install their operating systems. Alternatively the alerting email lists three Linux anti-rootkit tools. Then it's a matter of double-checking the package signatures and other onerous

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-17923665292780631932011-10-04T13:22:00.000+01:002011-10-04T13:22:27.376+01:00

I received the following press release yesterday: "CORRY, Pa. (MMD Newswire) October 3, 2011 - - "No Computer Viruses: No Antivirus Software Needed" (ISBN 1466274077) by J. Lynn takes readers through more than 25 years of computer technology history and offers a comprehensive argument for virus and malware prevention through the use of non-Windows operating systems." It will be interesting to

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-68419011999144174622011-10-04T12:27:00.001+01:002011-10-04T12:27:30.180+01:00

Our ISP has warned us that we've donwloaded a 'virus'. In the lab we download a lot of malware, including the exploits that are often used to install them. We do this using standard consumer ADSL internet connections to reduce the chances of detection by the malware authors and distributors. Last summer we had just completed a test that involved visiting at least 100 infected websites and

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-31120018011509454942011-10-04T10:25:00.000+01:002011-10-04T10:25:40.503+01:00

I can't work out if this is a spoof or just old. I can confirm that some of these techniques work, though*. Click to run Vimeo video * When I used them legally. Once.

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-18415693802898817902011-10-04T10:06:00.000+01:002011-10-04T10:06:03.734+01:00

When Betfair was hacked last year, thieves stole 3.5 million account names, 2.9 username with email addresses and nearly 90,000 account usernames with bank details. The company has now admitted to customers that its defences were breached - 18 months later. Betfair claims that the leak was not a threat to its customers because it has recovered the data. Claiming to have recovered stolen goods

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-91251604465493156152011-10-04T09:45:00.000+01:002011-10-05T09:40:59.672+01:00

A "massive security vulnerability in HTC Android devices" has been found. The possible consequences are significant. A researcher has found that software added by HTC to its Android devices exposes the following data: Phone numbers GPS data SMS messages Email messages Addresses Much more... Basically Trevor Eckhart has found that HTC preinstalls a logging application that 'sniffs' a lot of

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-33958206449825807132011-10-04T09:25:00.001+01:002011-11-14T14:51:14.218Z

Seen something interesting about QR code abuse? Have a Twitter account? #evilqr I'll take the most interesting content you find and compile it into a report.

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-85925964037821561362011-10-03T15:48:00.000+01:002011-10-03T15:48:11.765+01:00

Facebook has joined forces with security firm Websense to protect users from links to malicious web sites. Websense's Advanced Classification Engine (ACE) will analyse links that users click on in real time. If it considers them to be dangerous the page will be blocked and a warning message will appear. Reckless users may still choose to click through to the site. Source: Websense Testing

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-86522043811133642672011-10-03T13:28:00.001+01:002011-11-14T14:51:48.643Z

In possibly one of the most predictable events of 2011, the bad guys have been discovered using QR codes to direct victims to malicious websites. First, why was the predictable? Because QR codes are similar to URL shortening services, in as much as they offer convenience by replacing a hard-to-type string of characters with something that is simpler to handle by the user. The negative side

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-30422936974166407322011-10-03T10:27:00.000+01:002011-10-03T11:23:48.800+01:00

Microsoft's anti-malware software has mistakenly classified Google's Chrome web browser as a 'Severe' banking Trojan. According to The Register, "On Friday, a faulty signature update for both Microsoft Security Essentials and Microsoft Forefront incorrectly detected the Chrome executable file for Windows as a component of the notorious ZeuS trojan." While it seems that so far both Google and

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-86356963568876805992011-10-03T10:14:00.000+01:002011-11-14T14:56:24.509Z

A network switch sold on eBay has been found to contain sensitive information about a network belonging to the National Air Traffic Services (NATS) centre in Prestwick. The Cisco Catalyst switch was sold on eBay for £20. The buyer found that it held: Details of the VLANs in use and associated services Full VTP trunking data Device management accounts Read and Write SNMP community strings Full

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-16455927372511465532011-09-30T14:11:00.000+01:002011-09-30T14:11:41.952+01:00

It is possible to obtain secret keys to hardware-aided encryption by monitoring the power consumption of the device. The attack is called Differential Power Analysis (DPA). A security firm called Cryptography Research has just licensed its anti-DPA technology to an as-yet undisclosed mobile phone manufacturer. The company's website hosts an interesting video that demonstrates the principles

Simon Edwardshttp://www.blogger.com/profile/03186223772655626769noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-88973297149845011982011-09-19T11:52:00.005+01:002011-09-19T12:12:14.740+01:00

When I write I exhibit a nervous tic that involves my left hand twitching across the Ctrl-S keys every sentence or so. This is because I have fallen victim too often to Windows crashing out and losing unsaved work.* No one likes to see the infamous blue Windows error message, but maybe Microsoft has made a change that will at least reassure the less technical users.Windows 8 will feature a new

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-85245456553776956192011-09-19T10:59:00.008+01:002011-09-20T16:09:11.962+01:00

On the 19th July I took part in an interesting discussion panel about testing anti-virus software. This took place at a media event set up by Kaspersky Lab at The Fairmont hotel in San Francisco. The panel discussion, entitled "Examining Test Methodologies for Today’s AV", included myself, Jonathan Penn (Vice President Forrester Research), Lysa Myers (Director of Research, West Coast Labs) and

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-34140634781473428522011-09-19T10:43:00.003+01:002011-09-19T10:57:24.414+01:00

In 2001 the Nimda worm was unleashed onto unpatched systems across the globe. It spread fast, used multiple exploits and appeared shortly after another well-publicised worm (Code Red) had started attacking PCs.I found the following article that I wrote about it ten years ago to the day. It's no longer available on PC Pro's site, but Google's cache has a copy:New Internet worm combines threat of

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-87665860021830188632011-06-04T18:35:00.003+01:002011-06-04T18:42:34.416+01:00

Researchers have discovered a variation of the TDSS rootkit that runs its own DHCP server. The upshot is that when computers on the network ask for their IP address and other network configuration details, they are send unhelpful Domain Name Server (DNS) settings.The DNS settings direct the victims to a malicious webpage and block the rest of the web. The malicious page insists that the user

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-51884632023519635452011-05-07T18:01:00.000+01:002011-06-04T18:50:47.832+01:00

Dennis Technology Labs spent an intense few days in Prague this week. First we spoke to a group of European journalists about testing anti-malware applications (and the myriad issues surround this activity). The next couple of days were spent in AMTSO meetings, and finally we finished off the week at CARO.CARO is one of the most technical virus conferences around. It was great. Of particular note

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-12541424075582371472011-03-17T10:14:00.006Z2011-09-23T09:28:09.747+01:00

The last 12 months have been a time of massive development for Dennis Technology Labs. For a start, we've had to increase the amount of lab space to accommodate many more computers due to a large increase in demand for our testing services. We've also had to hire and train a larger number of testers. One of the reasons for this expansion is that DTL has started a program of constant

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-87432718087739088662010-05-06T17:16:00.000+01:002011-09-19T17:18:00.695+01:00

I've been testing anti-virus and other security software for a long time. Initially I ran small tests for computer magazines but over the years this activity has built up into a business. Now I operate a specialised lab that performs security testing for magazines, the public, businesses and security companies. Over the years the way we test has changed dramatically and today we have an

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-87540791396419715312010-04-26T16:33:00.005+01:002010-04-26T16:37:45.820+01:00

McAfee is offering support and, ultimately, cash to put things right with customers who fell foul of last week's dodgy update. In other words, if you've had to spend money to fix your computer then McAfee will reimburse you (within reasonable parameters).In a statement on its website the company says:"If you are currently running Windows XP we recommend checking to ensure you have the latest

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-42695753035853482592010-04-22T09:39:00.006+01:002010-04-22T15:17:29.866+01:00

A recent anti-virus update sent out by McAfee has caused Windows XP systems to fail. The update incorrectly detects a legitimate system file as being a virus, removes it and shuts down the system. The PC is then unable to boot correctly. Networking is disabled after the system is brought back into some form of useful state.The problem relates to the DAT 5958 update, which detects the svchost.exe

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com1tag:blogger.com,1999:blog-2966570020272683110.post-84482158631714729512010-03-18T11:45:00.002Z2010-03-18T11:58:02.807Z

A Trojan has been found in software associated with a USB battery recharger made by Energizer. The Energizer Duo Charger charges batteries, "via a USB port or AC wall-outlet" and its progress can be monitored by software that is downloaded from the manufacturer's website during installation. According to a report on The Register this software contains a Trojan.Energizer has taken the model off

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com2tag:blogger.com,1999:blog-2966570020272683110.post-29448750355266160932010-03-12T18:40:00.004Z2010-04-08T22:26:08.562+01:00

Swiss security firm Objectif Sécurité has made its ultra-fast Windows XP password cracking technology available for free on its website. OS has optimised its password cracking technology to benefit from the high speed of solid-state drives (SSDs). This, according to a report on The Heise Security, has resulted in successful cracking one hundred times faster than using its unoptimised system.A 14-

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-54794539620755716782010-03-03T11:36:00.003Z2010-03-03T11:43:39.699Z

A botnet comprising nearly 13 million infected PCs has been taken down. Three 'hackers' suspected of running the enterprise have been arrested and each face up to six years in jail. A report by The Associated Press said that, "the 'botnet' of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks," but quote police as claiming that the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com2tag:blogger.com,1999:blog-2966570020272683110.post-77517657654972011792010-02-22T14:36:00.005Z2010-02-22T15:10:35.284Z

Adverts on legitimate websites have been installing malware on victims' PCs for the last few days. All major online advertisement services have been affected. Visiting a site that uses any of the following services could potentially compromise your computer, with the end result being the installation of spyware and other unwelcome software:

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-66614280418509545382010-02-17T09:32:00.003Z2010-02-17T09:41:08.795Z

Dennis Technology Labs has published its latest anti-virus test report. PC Virus Protection 2010 II, which was conducted at the end of 2009, compared ten well-known internet security products. The results should change some preconceptions about certain products. Some very popular programs did not perform well at all, while the best results might challenge a few prejudices.The products were

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-50269904294837540302010-01-29T18:38:00.005Z2011-09-19T14:04:58.747+01:00

Following popular demand, we have launched the Dennis Technology Labs website.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com1tag:blogger.com,1999:blog-2966570020272683110.post-34987749653656920002009-12-07T12:09:00.004Z2011-10-03T22:56:18.753+01:00

Avast!'s CEO Vincent Steckler has made a public apology after the security company released a troublesome update to its anti-virus software. The virus database released early on Thursday caused some users "significant problems". It was sent out by engineers who bypassed the automated testing systems in an effort to fix a problem with the previous update. In his CEO's Corner blog, Steckler

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-26567247360321794352009-12-02T12:18:00.002Z2009-12-02T12:22:46.941Z

Lavasoft has published an image gallery, displaying screenshots of fake anti-virus software.Rogue anti-virus software is a very common threat on the internet. It is essentially malware that poses as security software. In most cases its motive is to blackmail victims into paying for virus protection (which will be of dubious quality, at best). In reality, these programs are scams designed to con

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-33708883791620912752009-11-26T08:54:00.005Z2009-11-26T23:05:51.792Z

One of Symantec's web servers has been compromised, according to unu123456's blog. Infosecurity reports that the site in question is a Japanese support site, which was hacked with an SQL injection attack. According to this report:Over 70 000 customers' details were allegedly in the hacked Symantec table, although Unu said that he extracted just five samples, which were obfuscated on the website

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-9834227174010905392009-11-09T15:32:00.006Z2011-11-14T14:52:47.930Z

Cyber warfare is most certainly no longer the subject of blockbuster Hollywood movies. An ex-chief of US national intelligence has told CBS' 60 Minutes programme that not only is the country vulnerable to cyber warfare but that it is unprepared for an attack. Speculating on what an attacker might do, Retired Admiral Mike McConnell said: "If I were an attacker and I wanted to do strategic

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-35408743419073234382009-11-05T10:22:00.003Z2011-10-14T17:58:31.198+01:00

Felix Dennis, the owner of Dennis Publishing (the company I work for), has written a poem about hacking and computer viruses. In his book Nursery Rhymes for Modern Times the poem entitled 'Hacker-boy, hacker-boy' tells the tale of a young lad who writes a computer virus to prove that he is better than others assume. As his virus successfully probes and vandalises systems across the globe the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-81425952775602056182009-10-29T11:30:00.005Z2011-09-19T14:06:08.104+01:00

We've been using the latest iteration of the constantly-evolving virus lab for nearly six months and it's proven itself to be pretty efficient. Here's what it looks like, without the hard-working (and devastatingly beautiful) testers getting in the way and distracting from the picture.There's actually a lot more to it than that, but it gives the general idea. There are more work stations to the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-41410821252540959772009-10-29T11:02:00.003Z2009-10-29T11:10:49.531Z

Those pesky cyber criminals are phishing for Facebook account details.This morning my email inbox contained 22 emails apparently from Facebook. I've listed the email subjects and their frequency below:Facebook Update Tool [2]Facebook Account Update [8]New login system [12]Needless to say, these are not genuine communications sent by the real operators of Facebook. For example, the 'New login

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-58378540660240143482009-10-27T14:46:00.005Z2009-10-27T14:55:16.008Z

Last month the support website for Razer, a gaming hardware manufacturer, was compromised and its archive of downloadable drivers infected with threats including a Trojan and a worm.I only found out about this yesterday while having lunch with Trend Micro's Rik Ferguson, who told me about his discovery of the problem.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-86620980178888736512009-10-27T14:33:00.003Z2009-10-27T14:44:35.907Z

For the last couple of months I and my team have been testing anti-virus software. Now the fruit of our labours is available online in a report presented to (and now published by) Symantec. You can find a direct link to the free PDF here.Norton Internet Security 2010 came out very well in the test, as did a number of its competitors. It is interesting to note the vast difference between products,

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-82669529344233280812009-10-19T15:07:00.006+01:002011-09-19T13:37:05.739+01:00

I've spent the last couple of months locating malicious websites and testing anti-virus software, and one thing that's very clear is that fake anti-virus programs are all over the place. The ones we've seen tend to install themselves automatically, as a 'drive-by download', although it's perfectly possible to download and install them directly from certain websites intentionally.When Symantec

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-14932958466170704212009-08-19T10:44:00.003+01:002009-08-19T10:53:59.907+01:00

I've been playing with Fiddler as part of my work testing anti-virus software. This morning I noticed an interesting add-on called Image-Flipper. In short, this turns images upside down before sending them to the client. It reminded me of a Pete Stevens article that I noted earlier.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-51027808768905559432009-08-14T10:43:00.002+01:002009-08-14T10:46:52.661+01:00

I've already discussed the issue of Windows hiding file extensions. Specifically, I've been disappointed that Microsoft has made this behaviour a default setting in Windows 7. There was a vague hope that the company would change this before releasing its new operating system but I can confirm that the final version of Windows 7 hides file extensions.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-79079538086701423462009-07-17T16:09:00.003+01:002009-07-17T16:23:24.109+01:00

While writing a short article that explains how to use the web anonymously, I remembered that someone had used the Tor anonymising network to capture email passwords. I found an interesting article about this at LWN.net. The upshot is that there can be a significant difference between privacy and security.An anonymising service will hide your IP address from the servers you access, which means

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-82914083383510001142009-06-30T17:11:00.002+01:002009-06-30T17:15:55.241+01:00

The prime target of an online FBI sting operation has plead guilty to wire fraud.Max Vision (previously known as Max Butler) was caught following FBI agent J. Keith Mularski's infiltration of a cybercrime ring.Vision is accused of trafficking 1.8 million credit card numbers and running a clearing house that enabled other cybercriminals to trade with each other illegally.More details:San Francisco

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-13396455233660901292009-06-30T11:28:00.009+01:002009-06-30T17:12:29.988+01:00

What happens when you make prank calls that send SWAT teams to people's houses? You get sent to jail - for ages.The Register reports on the downfall of Matthew Weigman (19), who made hoax phone calls to emergency services, resulting in armed teams of police raiding the homes of his victims. He's just been sentences to 11 years in jail.More details about the case are available on Wired, which

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-78197317304126667492009-06-23T10:10:00.003+01:002009-06-23T10:15:30.216+01:00

You should always keep your anti-virus software up to date, particularly if your PC is used to display weather reports on live TV...

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-69262695877145052192009-06-22T14:32:00.004+01:002009-06-22T14:41:29.954+01:00

Microsoft's new (and free) anti-virus program will be launched tomorrow. It's not going to be called Morro anymore, though. This codename will be dropped and the final product will be called Microsoft Security Essentials.As previously noted, this package replaces the underwhelming Windows OneCare, which is being discontinued. Even if Microsoft Security Essentials fails to ignite the world of

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-85489009463070939722009-06-22T14:17:00.003+01:002009-06-22T14:31:29.472+01:00

Anti-virus companies frequently state that the majority of malware threats exist on the internet, and specifically on websites. For this reason, they are developing reputation-based systems that can block websites and the malware that they try to download onto victims' computers. However, the world's largest anti-virus company has recently discovered that more than half of malware floating around

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-57574004340536077272009-06-19T18:44:00.004+01:002009-06-20T13:32:43.610+01:00

Last month I wrote about the fact that Windows (XP, Vista and 7) hides file extensions by default. In my view this poses a security problem. Let's illustrate this using a real-life example...I received a malicious email yesterday that contained a link to a file called bestvideo.avi.exe.If I was silly enough to download this file then my PC would show the file as being called:bestvideo.avi.exeIf

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-46050371457886302392009-06-13T12:35:00.002+01:002009-06-13T12:39:27.603+01:00

Microsoft's new anti-virus software will be released soon. Morro, which will replace the company's underwhelming OneCare product, is on the verge of release according to the BBC.Microsoft first announced its plans to stop charging for anti-virus software in November last year.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-31023449810621288972009-05-27T10:56:00.004+01:002011-10-05T14:26:35.091+01:00

Russian security firm Kaspersky has produced a bootable Linux CD capable of mounting and disinfecting hard disks used by Windows PCs. The ISO file seems to be freely available, although is tucked away on a part of the company's website that is pretty well hidden. This makes me suspect that it is not intended for general use. Amed Kamal wrote about it a week ago, providing a direct link. Using

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-41730228733229380302009-05-19T10:08:00.004+01:002009-05-19T10:25:08.367+01:00

A pre-release version of Windows 7 has been infected with malware and is currently being distributed on peer-to-peer networks.The tainted version of the new operating system includes malware that downloads further files from the internet. Trend Micro has named the threat TROJ_AGENT.NICE.Last month criminals attacked Mac PCs using a similar tactic. They added malware to pirated versions of Apple's

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com1tag:blogger.com,1999:blog-2966570020272683110.post-72045433048811966532009-05-15T15:10:00.009+01:002009-05-15T15:50:17.707+01:00

It is possible to install Windows 7 Ultimate Edition into an instance of VMware Server 1.0.5 running on Windows Vista. It is not a trouble-free process, however.If you want to do the same, know that I set up a custom profile based on 'Windows Vista (experimental)' and chose to use a virtual IDE hard disk. Windows 7 does not have drivers for VMware's network adapter so install VMware tools (VM -

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-23020175576079680802009-05-15T14:44:00.004+01:002011-09-19T14:06:08.104+01:00

Just over two years ago we put together our first purpose-built anti-virus testing lab. We're now upgrading it so that we can test more security products in less time - and expose them to more threats.The new lab will be three times larger and will be relocated to its own secure basement lab space, with air conditioning and full-height rack-mounting facilities.We've just received delivery of the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com6tag:blogger.com,1999:blog-2966570020272683110.post-69521413428774568782009-05-11T10:27:00.008+01:002009-05-11T10:42:22.305+01:00

Darkmarket was a trading website that allowed criminals to buy and sell personal data such as credit card numbers. When two of the criminals involved in this type of business were arrested last year, video footage of the bust was made available on the internet. It shows a room full of running computers and devices used to create fake credit cards.Darkmarket was actually an FBI sting operation,

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-91435277520457391812009-05-07T14:33:00.002+01:002011-11-14T14:59:58.999Z

A hard disk bought from eBay contained launch procedures for a ground to air missile launch system.According to the BBC, researchers from BT and the University of Glamorgan bought disks from the UK, America, Germany, France and Australia. They then examined these disks to see if they contained sensitive data.How hard is it to analyse second hand disks? According to Professor Blyth from the

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-29585465528805004722009-05-06T15:33:00.002+01:002009-05-06T15:40:26.083+01:00

People are the weak link in most security systems. This much is said frequently by security experts. The BBC has published an article that introduces the business of physical penetration testing, a task carried out by tiger teams. The idea is that you pay a company to attempt to gain physical access to your building.In this example, Colin Greenlees, a consultant of Siemens Enterprise

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0tag:blogger.com,1999:blog-2966570020272683110.post-10789255158175032342009-05-05T17:45:00.005+01:002009-05-05T17:52:33.339+01:00

Message Labs has produced another range of visualisations. This time is has updated its archive with representations of some more recent threats, as well as illustrating its email services.The new images are now available from the Message Labs site.

Simon Edwardshttp://www.blogger.com/profile/11222957562823909636noreply@blogger.com0