VBS/Loveletter demonstrated that sometimes the quality of malcode doesn’t matter if the social engineering hits the spot.

Hoaxes about terrorist attacks in the UK: just hoaxes, or delivering malware?

iOS, AV, and why I don’t (usually) make product recommendations.

For years there have been suspicions that the anti-virus industry is maybe not so clean from NSA taint as it should be. I have been one of those doubters: AV and the NSA: is the anti-virus industry in bed with the NSA – why do CIPAV, FinFisher and DaVinci still defeat AV?  FBI, CIPAV spyware, […]

…or geolocating spooks, Bunny bugs, and the elephant in the room… Disclaimer: while I’m an independent author and consultant, I do work closely with one of the security companies mentioned in this article. However, while the starting point for this article is a blog article it recently published, this isn’t about generating extra Likes and […]

One of my favourite companies is F-Secure. F-Secure is a company that hasn’t just sat back and said, ‘Oh, how terrible – governments are spying on us.’ F-Secure is fighting back by developing the technology that makes it more difficult for governments to spy on people. I recently asked F-Secure’s Sean Sullivan why his company […]

On Tuesday, Reuters published an exclusive report on a new FBI alert about destructive malware. The Reuters report was low on facts but high on conjecture (much of which is quite possibly true). Have you wondered, however, why a report on a document that the reporter has seen should be so low on facts? [It […]

Patrick Wardle’s KnockKnock is useful for the generic detection of OS X programs that maintain ‘persistence’, but it isn’t a replacement for anti-malware.

I recently came across a comment to one of my blogs – it doesn’t matter which, because it didn’t actually relate directly to the article it was attached to. The commenter wanted to know whether she needed to install anti-virus onto her tablet, because ‘tablets can’t get viruses’, as her son had told her, and […]