Browse Blog Posts by Tags

Showing related tags and posts for the Blogs application. See all tags in the site

Security Awareness Post 2: Beware of malicious software

October is National Cyber Security Awareness Month, and as I stated in the last post, I decided to celebrate by writing some Security Awareness posts. Almost as if they knew what I was going to write about, I received this spam comment on my last post this morning: "such a very informative and valued...

Posted to Jesper's Blog by jesper on Sat, Oct 2 2010
Filed under: Filed under: Security Pontification, National Cyber Security Awareness Month
October is National Cybersecurity Awareness Month

The U.S. President has declared October 2010 to be " National Cyber Security Awareness Month ." While the term "cyber" may not be particularly clear to most people, what this really is about is How To Stay Safe Online ; and not just in America. Staying safe online is crucial everywhere...

Posted to Jesper's Blog by jesper on Mon, Sep 27 2010
Filed under: Filed under: Security Pontification, National Cyber Security Awareness Month
Don't fire people until after you wipe their phones

A very commonly required feature for mobile access to email is remote wipe - the ability to reach out and wipe all corporate data off a mobile device. Exchange ActiveSync supports this feature and has for several versions now. You, as the Exchange or Security administrator can issue a remote wipe command...

Posted to Jesper's Blog by jesper on Thu, Apr 8 2010
Filed under: Filed under: Windows Security, Security Pontification, Security
Fake Anti-Malware is Apparently Microsoft's Fault

Munir Kotadia, an IT Journalist in Australia, has finally managed to figure out how to blame Microsoft for the fake anti-malware epidemic. Apparently, the reason is that "Microsoft could save the world from fake security applications by introducing a whitelist for apps from legitimate security firms"...

Posted to Jesper's Blog by jesper on Sat, Oct 24 2009
Filed under: Filed under: Security Pontification
Web Of Trust: RIP

It's official. I just received an e-mail from Thawte notifying me that, as of November 16, 2009, the most innovative and useful idea in PKI since its inception, the Web of Trust , will die. Thawte was founded 14 years ago by Mark Shuttleworth. The primary purpose was to get around the then-current...

Posted to Jesper's Blog by jesper on Wed, Oct 14 2009
Filed under: Filed under: Security Pontification, Thinking differently
And finally, standard user malware

Today I finally got wind of my first piece of true standard user malware. MS Antispyware 2008 has turned standard user. The version in question installs the binaries in c:\documents and settings\all users\application data\<something>, and makes itself resident by infecting HKCU\...\Run. Curiously...

Posted to Jesper's Blog by jesper on Tue, Sep 1 2009
Filed under: Filed under: Security Pontification, Least Privilege, Security
Is it ActiveX that is the problem?

Last week, an expert from Verizon, nee Cybertrust, posted a note about the Active Template Library (ATL) security vulnerability over on the Verizon Business Security Blog . For home users, the phone company now advises you to use a different browser, ostensibly because IE and ActiveX are inherently insecure...

Posted to Jesper's Blog by jesper on Sun, Aug 9 2009
Filed under: Filed under: Security Pontification
Please do not e-mail my social security number

Recently I had a very interesting incident. I wrote an article some time in 2008 and the publisher paid me a little bit of money for it. That means the publisher must send a report to the Internal Revenue Service (IRS - the U.S. tax department) reporting that they paid me, as well as send me a form called...

Posted to Jesper's Blog by jesper on Tue, Jan 27 2009
Filed under: Filed under: Security Pontification, Security
Kip Hawley: "No, the TSA is Necessary Because This is War!"

CBS News did a story a few days ago on the Transportation Security Administration (TSA). Basically it was a tit-for-tat between Bruce Schneier , security pontificator extraordinaire, and Kip Hawley, the administrator of the TSA. Mr. Hawley's maintans that the TSA provides a necessary service because...

Posted to Jesper's Blog by jesper on Wed, Dec 24 2008
Filed under: Filed under: Security Pontification
One "Hacker" Attempts to Rule The World

Wired, always a source for amusement and interesting literature, just carried a story on a "hacker" (the magazine's use of the term equates to "criminal") who attempted to dominate the market in stolen credit cards. It's a neat story about an unsavory character who is not...

Posted to Jesper's Blog by jesper on Wed, Dec 24 2008
Filed under: Filed under: Security Pontification
Believe it or not; DRM for Zune is down!

Shocking, yes, I know, but in only four hours this evening Microsoft has managed to alienate over 150 additional customers with its insistence on Digital Rights Management (DRM). This time it is the DRM component of the Zune store that is down, according to the 164 posts so far over on the Zune forums...

Posted to Jesper's Blog by jesper on Tue, Dec 16 2008
Filed under: Filed under: Security Pontification
What do you think, should I do it?

I get a fair bit of blog spam - comments advertising everything from sexual enhancers to fake anti-malware. This one just came in this morning: Sweet! I can turn off all the blog spam just by e-mailing the criminals? Or, could it possibly be that this is a clever ruse find out what my e-mail address...

Posted to Jesper's Blog by jesper on Sun, Nov 16 2008
Filed under: Filed under: Security Pontification
Fun Experiences at Airport Security

For a while I've been thinking about writing something about interesting times I've had at various airport security checkpoints; security theater, as they have come to be known. There is the obvious shoe removal arguments and the ill-defined rules on electronics (my camera is larger and has more...

Posted to Jesper's Blog by jesper on Sat, Nov 15 2008
Filed under: Filed under: Security Pontification
Is MS08-067 Wormable?

A couple of weeks ago Microsoft released an out-of-band security update in bulletin MS08-067 . Looking at the type of vulnerability and the fact that the issue was already being exploited in the wild at the time, this was a good decision. If you have not already installed this security update, you should...

Posted to Jesper's Blog by jesper on Tue, Nov 4 2008
Filed under: Filed under: Security Pontification, Security, Thinking differently
Security is About Passwords and Credit Cards, Part 3

The final installment in my series called " Security is About Passwords and Credit Cards " is now up on TechNet Magazine. This part of the series discusses updating technologies, including how not to abuse them, messaging about security, and the checkbox syndrome. It ends with the final comments...

Posted to Jesper's Blog by jesper on Sun, Aug 10 2008
Filed under: Filed under: Security Pontification

Page 1 of 3 (42 items) 1 2 3 Next >

All postings are copyright Jesper M. Johansson or Steve Riley, in the year they were made. These postings are provided "AS IS" with no warranties, and confer no rights. All postings are the sole opinions of Jesper M. Johansson or Steve Riley and do not reflect any official opinion of anyone else with whom the poster(s) are affiliated or has been affiliated in the past. Use of included code samples is permitted for non-commercial use, with no warranties of fitness express or implied. All use of any information or code snippets posted in this blog at the user's sole risk. The blog site would like to thank www.ownwebnow.com and www.exchangedefender.com for their support.

Powered by Community Server (Commercial Edition), by Telligent Systems

Theme based on the Paperclip Blog Theme included in Community Server.
Enhanced to a Site-Wide Theme by Interscape Technologies.

Recent Posts

Tags

Browse Blog Posts by Tags