
Agents Smith & Jones versus the Bad Guys

Posted by Kevin on December 24, 2016

A new breed of endpoint protection software has emerged over the last few years. If we simplify things – probably over-simplifying – this breed of products uses machine-learning technology to teach itself behavioural rules that can detect and block known and unknown malware in situ. This is the central theme of what is usually known […]

Lying dormant cyber pathogen

Posted by Rob Slade on March 8, 2016

For those of you who are concerned about lying dormant cyber pathogens I have some advice: Be afraid.  Be very afraid. You see, I’ve got one.  Actually, I’ve got more than one. Why not?  I’ve been studying cyber pathogens, also known as “malware,” for three decades.  I’ve got binders full of the things, from back […]

Tyupkin gang arrested by Europol

Posted by Kevin on January 7, 2016

Europol has disrupted an East European gang using the Tyupkin trojan to steal from bank ATMs. Eight people have been arrested following house raids in Romania and Moldova. Few details have been provided in the Europol announcement beyond ‘substantial losses across Europe to the ATM industry.’ Tyupkin is described here by Kaspersky. The report is […]

Still speculating about anti-virus after all these years?

Posted by Kevin on June 23, 2015

The Intercept yesterday published an article titled Popular Security Software Came Under Relentless NSA and GCHQ Attacks. I am one who in the past has wondered about the relationship between the spy agencies and the anti-virus industry (see, for example, AV and the NSA: is the anti-virus industry in bed with the NSA – why […]

Did you see what they wrote about you? Phishing!

Posted by Kevin on June 13, 2015

The last thing you do when you get this message is click the link; because the first thing you think is, uh-oh – scam. But, hey, this is a security company. Surely it can’t have been hacked? Maybe they’ve been deep diving into the dark web and have found something nice about me… or really […]

If this phish works, we’re all doomed

Posted by Kevin on May 2, 2015

If information security depends on a combination of technology and user awareness, we’re all doomed. Firstly, how the hell did this get through the spam filters? (Unless, of course, this quality of grammar is acceptable by today’s educational standards.) And secondly, I’m assuming the criminals wouldn’t bother if it didn’t provide a return. That means real […]

FireEye/Mandiant points finger at China – again

Posted by Kevin on April 15, 2015

When I first started commenting on FireEye the company was noticeably reluctant to attribute malware and malware campaigns to specific actors. The accusation market changed when Mandiant published its famous report: APT1 Exposing One of China’s Cyber Espionage Units. And things changed for FireEye when it bought Mandiant. I am somewhat cynical about Mandiant (it is […]

Crimefighters take down Beebone botnet

Posted by Kevin on April 9, 2015

EU and US crimefighters have announced today that, in conjunction with Intel Security, Kaspersky and Shadowserver from the private sector, they have taken down the Beebone botnet (also known as the AAEH botnet). I would normally say that such statements are a bit of an exaggeration. Usually the most that can normally be claimed is […]

Avast, there, AV vendors …

Posted by Rob Slade on March 21, 2015

I noticed, recently, that some of my email was going out bearing the message: > This email has been checked for viruses by Avast antivirus software. > I use Avast, so I wasn’t too worried.  It’s (generally) a decent product, and has a “turn off temporarily” feature, even in the free version, which I […]

Trusteer vs. Minded Security in fighting financial fraud

Posted by Kevin on February 16, 2015

We’re talking financial fraud – malware-instigated theft from your bank account… This will be sacrilege to many, but I’m no fan of two-factor authentication (2FA). In fact, I think it can be positively dangerous. There are two primary reasons: It’s not all that effective. Once the bad guys have rooted your PC or installed a […]