News and Events

May 20, 2013

Lessons from the latest Mac malware

Given that an organization of one is about the smallest SMB you could find, it is clear that any person or group that has valuable enough information, or who makes someone mad enough, can be targeted by organizations with either the resources to write a 0-day exploit, or steal some legitimate code signing ability.

April 25, 2013

Assume You’re Breached

The Verizon DBIR came out today, and, as usual, it’s full of interesting data...my favorite sentence was in the opening paragraph. It said, “A growing segment of the security community adopted an “assume you’re breached” mentality.”

March 11, 2013

Windows 8

One other feature in Windows 8 is built in anti-malware protection...

January 14, 2013

Thoughts about this week’s Java 0-day

A few days ago, the world became aware of the existence of a new Java exploit...

December 19, 2012

Why Online Shopping with a Debit Card is a Bad Idea – Part II

Naturally, I’m watching my account closely, and you can imagine my surprise when two more odd-looking transactions appeared last night...

December 17, 2012

Why Online Shopping with a Debit Card is a Bad Idea – Part I

A couple of weeks ago, I had my debit card stolen. I found out because I logged into my bank account and noticed a pending purchase of $50 from Facebook. Now Facebook is a lot of fun, but I’ve never bought anything from Facebook, and probably never will.

December 4, 2012

Social networks tumbling

Recently, some bad guys found a vulnerability in Tumblr that allowed them to spread, in a worm-like fashion, what they thought was a funny message. Thousands of Tumblr users were affected, and while it probably caused some minor embarrassment to both Tumblr and those who were infected, there are two bigger issues in these days of cloud computing and burgeoning social sites.

December 3, 2012

SMISH Scam

This morning, we woke up to find this SMISH (Sms Phish) on my wife’s cell phone…

August 21, 2012

Shamoon – a week later

Late last week, word surfaced about a new piece of malware that had apparently attacked an oil company by overwriting all or most files on a victim’s pc...

August 21, 2012

Clickjackers still Chasing Facebook

A friend recently asked me to check whether a particular link was malicious, so I fired up my trusty sacrificial goat pc, and clicked the link in question...