BLOG

In the last 20 years PDF (Portable Document Format) files have become a standard for data interchange. Adobe Acrobat and Reader are the programs most commonly used to open them. When a PDF is opened, its contents can include malicious code (malware), and PDF malware has been released regularly since 2001. Because the objects inside a PDF can be written in many different encodings, which can in turn be obfuscated, just looking at the file by
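The obfuscation point above is easy to demonstrate. PDF name objects such as /JavaScript may be written with any character hex-escaped (#xx), so /Ja#76aScript and /J#53 are the same names as /JavaScript and /JS to the reader but invisible to a plain substring search. The following is an added example written for this page, not code from the original post: it normalizes hex escapes and then counts the action-related names that a triage tool such as pdfid looks for. The two PDF fragments are constructed, are not real malware, and are not complete files.

```python
import re

# Constructed sample fragments, not real malware: the same catalog /OpenAction
# pointing at a /JavaScript action, written plainly and then with the names
# hex-escaped (#xx), a common trick for hiding keywords from naive greps.
PLAIN_PDF = (
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /OpenAction 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /JavaScript /JS (app.alert(1)) >>\nendobj\n"
)
OBFUSCATED_PDF = (
    b"1 0 obj\n<< /Type /Catalog /Pages 2 0 R /#4F#70#65#6E#41#63#74#69#6F#6E 3 0 R >>\nendobj\n"
    b"3 0 obj\n<< /S /Ja#76aScript /J#53 (app.alert(1)) >>\nendobj\n"
)

# Name objects whose presence in a PDF is worth a second look (a pdfid-style list).
SUSPICIOUS_NAMES = [
    b"/OpenAction", b"/AA", b"/JavaScript", b"/JS", b"/Launch",
    b"/EmbeddedFile", b"/RichMedia", b"/AcroForm", b"/XFA",
]

# A PDF name ends at whitespace or a delimiter; this keeps /JS from matching a
# longer name that merely starts with /JS.
_NAME_END = rb"(?![^\s/\[\]<>(){}%])"


def normalize_names(data: bytes) -> bytes:
    """Decode #xx hex escapes so /Ja#76aScript reads as /JavaScript."""
    return re.sub(rb"#([0-9A-Fa-f]{2})",
                  lambda m: bytes([int(m.group(1), 16)]), data)


def naive_count(data: bytes, name: bytes) -> int:
    """What a plain substring search sees; defeated by hex escaping."""
    return data.count(name)


def scan(data: bytes) -> dict:
    """Count suspicious names after undoing hex escapes. Returns {name: count}."""
    norm = normalize_names(data)
    hits = {}
    for name in SUSPICIOUS_NAMES:
        n = len(re.findall(re.escape(name) + _NAME_END, norm))
        if n:
            hits[name.decode()] = n
    return hits


if __name__ == "__main__":
    for label, doc in (("plain", PLAIN_PDF), ("obfuscated", OBFUSCATED_PDF)):
        print(label, "naive /JavaScript hits:", naive_count(doc, b"/JavaScript"),
              "| after normalizing:", scan(doc))
```

On the obfuscated fragment the naive search finds no /JavaScript at all, while the normalized scan reports the same /OpenAction, /JavaScript and /JS counts as the plain one. This handles only the name-escaping layer: real samples also hide objects inside FlateDecode-compressed streams and object streams, which have to be decompressed before any keyword count means anything.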


For a while we have heard of really clever hacks, such as USB memory devices that can implant malware on our computers. Here's a just-discovered scary one. Lenovo is apparently shipping their computers with a permanent back door giving them control over the machine configuration. It is called the "Lenovo Service Engine". It looks like this back door "feature" also prevents a clean install of the operating system, since a hidden part of


Some computer security news is painful. Here's one about EMET that is good news. Microsoft has an add-on called the Enhanced Mitigation Experience Toolkit (EMET). It really does increase the difficulty for intruders to exploit Windows. I have used it since it was first announced and recommend it. A new version, EMET 5.5, was just released. The toolkit works in the background and does nothing but block suspicious activity. This means that it is not for gamers. Games


Today I enjoyed the opportunity to be one of the instructors in an ASIS CPP certification program. My topic was information security in the face of today's risks. The big change in computer network defense is today's axiom, "The attackers are already inside my networks". Firewalls are still important, but on their own they are of little value without more advanced defensive tools and skills. Critical issues are:
Locating assets
Defining what's normal, and setting off an alarm when threats are detected
Preparing


We all receive waves of unsolicited (and downright yucky) emails from time to time, yet few of us can give up online activity. Sometimes it just gets unbearable; I remember the day that I got 600 spam emails! Here are some spam-fighting ideas. Most of them cost little or nothing. Use several email addresses. It's pretty cheap to get a domain, park it with an


There's nothing that can get your attention like an immediate death threat. Sometimes they seem random, like the aircraft crash that is moments away. Others are really personal, like a guy with a gun pointed at you. Having survived these and a few others, I feel qualified to say I know how it feels. Threat assessment is the process of jumping into the middle of a threat situation and estimating the probability of the different outcomes.


You have your gold in a safe; your birth certificate is in the bank. Where is your company’s online identity? What if someone steals your internet domain for a porn site? A friend of mine had invested in a very neat one-word domain that he expected to become really, really valuable. One day his web site was gone. It had been stolen by a crook in Hong Kong who told the domain registrar that he


The sweep that we completed a while back in a medical office found a vulnerability that exposed ALL PATIENT RECORDS. We checked for the usual hidden microphones; all that was discovered was a cordless phone vulnerability. While working in the area we couldn’t help but notice a zillion patient records that were in an unlocked area. This risk was highlighted by a cleaner who arrived while we were working. Later, asking the client who the


It works like this:
you get a warning message about bad things on your system
it includes a link to a web site for unlocking your computer
you are given a secret unlock procedure (that may do more harm than good)
This scheme, called ransomware, is another way to make money from all of us who have computers. We dealt with this in a local bank. The really great lesson here is that the


While working on the east coast I discovered a new WiFi threat: a small box with two radios and interesting software. It can fake the identity (the SSID) of a friendly WiFi network, luring unsuspecting users to connect. The software inside then performs a man-in-the-middle attack on everything the victim sends through it, which can capture packets that contain sensitive data. In a test in our own WiFi lab I surfed to a bank. My connection showed up in a browser as http://my-bank.com and the
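Two of the observations above can be turned into checks: a box that clones a friendly SSID usually shows up as a second access point with a different vendor prefix (OUI) or weaker security than the real one, and a bank page arriving as http:// instead of https:// is the tell that the man in the middle is stripping TLS. The following is an added example written for this page, not code from the original post or from the device described. The scan results, the trusted-network inventory and the list of https-only hosts are all constructed assumptions; my-bank.com is the placeholder used in the post.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed scan results, not a real capture: (ssid, bssid, channel, security).
# The third entry plays the rogue box: same SSID as the cafe's AP, open, different OUI.
SCAN = [
    ("CoffeeShop-Guest", "a4:2b:8c:01:02:03", 6,  "WPA2"),
    ("CoffeeShop-Guest", "a4:2b:8c:01:02:04", 11, "WPA2"),   # legitimate second radio
    ("CoffeeShop-Guest", "00:13:37:aa:bb:cc", 6,  "OPEN"),   # evil twin
    ("HomeNet",          "f0:9f:c2:11:22:33", 1,  "WPA2"),
    ("HotelWiFi",        "11:22:33:44:55:66", 1,  "WPA2"),
    ("HotelWiFi",        "de:ad:be:ef:00:01", 1,  "OPEN"),   # same SSID, encryption dropped
]

# Assumed inventory of networks you trust: vendor OUI prefix and expected security.
KNOWN = {"CoffeeShop-Guest": {"oui": "a4:2b:8c", "security": "WPA2"}}

# Assumed list of hosts you expect never to reach over plain http.
HTTPS_ONLY_HOSTS = {"my-bank.com", "www.my-bank.com"}


def find_evil_twins(scan, known):
    """Flag access points that advertise a trusted SSID but do not look like the trusted AP.

    For SSIDs in `known`, compare OUI and security against the inventory.
    For unknown SSIDs, flag an open AP whose SSID is also seen with encryption.
    Returns a list of {ssid, bssid, channel, reasons} dicts in scan order.
    """
    by_ssid = defaultdict(list)
    for ssid, bssid, channel, security in scan:
        by_ssid[ssid].append((bssid, channel, security))

    findings = []
    for ssid, aps in by_ssid.items():
        securities = {sec for _, _, sec in aps}
        expected = known.get(ssid)
        for bssid, channel, security in aps:
            reasons = []
            if expected:
                if security != expected["security"]:
                    reasons.append(f"security {security} differs from expected {expected['security']}")
                if bssid[:8].lower() != expected["oui"].lower():
                    reasons.append(f"OUI {bssid[:8]} is not the expected {expected['oui']}")
            elif len(securities) > 1 and security == "OPEN":
                reasons.append("open AP using an SSID that is also seen with encryption")
            if reasons:
                findings.append({"ssid": ssid, "bssid": bssid,
                                 "channel": channel, "reasons": reasons})
    return findings


def looks_downgraded(url):
    """True when a host that should only be reached over TLS shows up as plain http."""
    parts = urlsplit(url)
    return parts.scheme == "http" and parts.hostname in HTTPS_ONLY_HOSTS


if __name__ == "__main__":
    for hit in find_evil_twins(SCAN, KNOWN):
        print(f"{hit['ssid']} {hit['bssid']} ch{hit['channel']}: " + "; ".join(hit["reasons"]))
    for url in ("https://my-bank.com/login", "http://my-bank.com/login"):
        print(url, "-> possible TLS stripping" if looks_downgraded(url) else "-> ok")
```

Run against the constructed scan it reports only the two rogue entries (the cafe's second radio passes because it matches the inventory). The OUI and security comparisons are heuristics: a device that also clones the real BSSID and security mode defeats them, which is why the browser-side signal from the post, a bank page that loads over http://, is the check worth training users to notice.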
