ICSA Labs Blog: Cybercrime

DNS Changer Catch 22

In my last blog I talked about the DNS Changer and its impact on victims.  Today, the DNS Changer deadline has arrived, which means victims of DNS Changer are kicked off the Internet until they have their computer fixed. 

An obvious problem is this: Many people need software to fix their computers.

So you have a catch 22…
Those who need to fix their computers need software, but the software is on Internet sites they can’t access.

Cloud Security: Not all Clouds are Created Equal

This was my initial response to a question posed by the panel moderator, Brad Gow, at the NetDiligence Cyber Risk and Privacy Forum a few weeks back. Our panel was focused on emerging technologies, and was comprised of myself, Tom Kellerman (Trend Micro), Mike Viscuso (Carbon Black), Brad Gow (Endurance Insurance), and Mark Teolis (

Will Malware Knock Thousands Off the Internet?


DnsChanger deadline looming

The DnsChanger deadline is this coming Monday. In short, any personal computer infected by this DnsChanger malware will no longer be able to access the Internet until it is cleaned.   


Countries Rushing to Cyber Weapons: First Stuxnet, Now Advanced Iran W32/Flame, Flamer or SkyWiper

The Other Shoe Just Dropped
Over the weekend, multiple reports appeared about a new piece of cyber malware named W32/Flame, Flamer or SkyWiper. I’ll stick with the official CARO name of W32/Flame.A.

Been around for at least a couple of years, undetected

Cloud Computing Data Breaches – The Facts

Every year the buzz grows around the Verizon RISK team’s release of its annual Data Breach Investigations Report (DBIR). 

As an incident response professional, the DBIR is one of my favorite reads.  This year’s DBIR included analysis of security concerns in cloud computing.  So for those of you interested in cloud security, this is the blog post for you! 

The report, on page 40, states:

Identity Theft – How You Could Become a Lifelong Victim

Hi folks,

Continuing in the vein of Things That Normal People Need To Watch Out for, I came out of the gym a couple of weeks ago, and as I went to my car door to open it, I found the ground was covered by smashed windscreen glass. Having quickly assured myself that it didn’t come from my car, I found it came from the car beside me, and while I was contemplating this fact, the owner of said car came up, simultaneously talking on her cell phone, looking worried and trying to assure me that all was well.

Mac Attacks: What n00bs are saying

A couple of days ago, I got this phish in email…

You can instantly tell it’s a phish by the fact that it is addressed to multiple recipients, but to my eyes, it is further proof of the changing situation for Macs. 

Mac Malware

For quite some time, techies have understood that Macs were not invulnerable to malware, and the idea that there was not much Mac malware was a natural consequence of relative market opportunity for the bad guys. Put another way, there were way more PCs than Macs, so there was simply more opportunity for a return on their development and marketing effort. To paraphrase John Dillinger, “I rob banks because that’s where the money is.”

How to Unmask Spam and Scams

I nearly wasn’t going to write about this, as it seems so basic, but then I got my second direct pitch from them in less than two weeks, and if nothing else, I figure they deserve to be outed.
It all starts with an email like this ….