29 Apr Drawing the line
14 Apr It's all in the number
18 Mar Tips from the pros
08 Oct Back on the road again
Join our blog
You can contribute to our blog if you have +100 points. Comment on articles and blogposts, and other users will rate your comments. You receive points for positive ratings.
Interesting news on Trojan SMS Blockers (Winlock etc). These programs block Windows and demand a ransom in the form of a text message which is sent to short number for a fee. It's a very popular type of racket at the moment, both in Russia and a few other countries.
The whole affair has now reached the General Prosecutor’s office of Russia – the criminals have been identified and detained (or so it seems) and will be prosecuted in Moscow soon.
Altogether the criminals have earned an estimated 790,000 roubles, or $25K. Moreover, they have caused other damages by blocking or crashing a yet to be determined number of personal and company PCs. Very often people have needed to re-install the OS and all software and then restore data from backups - even after paying the ransom.
But I wanted to focus on the outcome – or the possible outcome of this incident, not on the investigation, arrests and so forth.
There seems to be quite a loud response to what I thought was a rather simple idea. In this post, I am going to go over the main points – somewhere when I have more time I’ll share my ideas in detail so people could see exactly what I am proposing.
Imagine that everyone flying in your plane is anonymous, so you don’t know who they are and what they’re up to – are you really going to approve of this? And Internet is as critical and as vulnerable as the air transportation network. So why do we have different security standards for these two global networks?
Another prototype of e-passports is the two-factor authentication we now use to access corporate networks. The only thing that is missing today is a common standard.
Anyway, I am happy to see that my ideas have raised so much discussion; I think that open public discourse and idea-sharing is the only way to make Internet a safer and a better place.
The so-called 'malware obfuscation contest' proposed by the folks at Race to Zero is already generating contradictory discussions.
IMHO - either something is ethical or not...and I firmly hold that creating new malware to bypass security products 'for fun' is not!
We anti-virus researchers have always opposed the creation of new malware under any circumstances. The only excuse for creating malware in test environments that ever sounded vaguely reasonable was the old "we need to create new samples in order to study attack methods in detail".
Let's get real folks - we are seeing new samples by the thousands today - we have more than enough 'live' malware to study in order to improve our technologies. So even if this excuse was "sort-of-maybe one-time-only almost-acceptable" once upon a time, it is NOT acceptable in 2008.
Ah, numbers: there are simple numbers, magic numbers, lucky numbers and unlucky numbers. There are people who are scared of numbers, people who don't understand numbers, people who love numbers, and people who ignore numbers. Me...I love numbers and always pay attention to how they sound and taste.
Yesterday some of us got on a flight to Boston from NYC. As the computer produced my boarding pass, I watched the numbers unfold and saw that this was a special day: number 13 was the name of the game.
13 - the date
13 - the flight number - with the 2 and 0 voided by the 20 in the gate number
13 - the boarding time
3 + A in hexadecimal is 3 + 10 =13
Four 13s on one boarding pass!! Wow - I'm amazed I survived! How did I do it, you might ask if you happen to believe in the bad luck 13 brings?
I don't know: maybe it was because the flight departed at 200P or APR 2008 =14 if you add the digits in that line. And finally, it was my 14th flight of the year, not the 13th.
So, I survived and I'm completing this US tour with a day in Boston. Flight number 15 of the year will be tomorrow and I'll be looking at new numbers.
We're going to be at InfoSecurity Belgium in Brussels over the next two days.
I'm here with our team - we've got advice on how to stop cybercriminals and malware in their tracks.
Joining us will be Jean-Marie Pfaff, named by Pele as one of the world's greatest living footballers, who will share top tips and tricks on how to stop the opposite side from scoring too many goals.
Come by and see us at booth B067 to discuss football and malware - the new approach to risk management.
Developing a global presence - that's far from an easy job. Traveling to different time zones, hopping from city to city, from hotel to hotel - although this might sound fund, it's not relaxing. But from another point of view, it's what has to be done to develop the company: listen to other's points of view, present our position, educate users and develop markets. And on a personal note, it is interesting to have the opportunity to visit so many new places, meet so many new people and hear so many new accents.
Last week we started our trip over the East Cost with four presentations in Boston, and more than 150 people from the local IT industry attending. Right now I'm in the plane with others - Steve, Randy, Chris, John, Jennifer, Shannon and Darcie, enjoying the life 32000 feet above the ground. And with several cities behind us there are also several ahead of us.
If any of you want to drop in - we'll be in Mexico soon!
ComputerWeekly.com provided us here at KL with a giggle today.
Boy, are we glad that it wasn't one of us :-))).
We've heard that another lot of cyber criminals were arrested, this time in Italy. More than 150 arrests for bombarding Italian users with fake mails. The phishers' ill-gotten gains – around 1,250,000 euros.
These guys were targeting the most popular Italian banks, and some users were getting 30+ phishing mails a day! The attacks were such a problem that they were even discussed on TV (although sadly not by the major news channels).
The arrests are the result of an investigation which began in May 2005. We'll be tracking this case, waiting for news of convictions and jail sentences. We'll keep you posted on progress.
Do you think that installing Linux on an iPod is a waste of time? If you work in an anti-virus company it's not – you’re preparing the device to play with the first known virus for iPod.
It’s a typical proof of concept sample, showing that here’s another device that can be infected. It took us time to run the sample because the virus has bugs and sometimes crashes the system with Linux debug messages.
Overall, I don't think iViruses will cause serious problems in the future. The iPod world is very different from the PC and smartphone world. Users aren’t constantly installing new software and downloading a wide range of files, so that cuts down on the possible infection vectors. And what’s there to steal from an iPod? Multimedia files, and that's about all.
So – it was an interesting little puzzle, this proof of concept, but nothing more.
We just got contacted by a Russian user whose machine picked up Junkie, an old multipartite threat that infects COM files and the hard disk MBR
We haven't seen anything like this for a while. With all the changes in technology, I wonder how much longer Junkie and its like will manage to survive.