Ransomware like CryptoLocker is a game changer in the malware wars – and not in a good way

The rapid spread of CryptoLocker, an example of a malware category known as ransomware, is upping the stakes in the cyber security wars. I think it is a game changer.

Ransomware is malware that steals your data by encrypting it, and then demands a ransom to decrypt it. The latest breed of ransomware uses strong

…continue reading Ransomware like CryptoLocker is a game changer in the malware wars – and not in a good way

Adobe’s security calamity: 2.9 million customer account details accessed

Adobe has reported a major security breach. According to the FAQ:

Our investigation currently indicates that the attackers accessed Adobe customer IDs and encrypted passwords on our systems. We also believe the attackers removed from our systems certain information relating to 2.9 million Adobe customers, including customer names, encrypted credit or debit card numbers, expiration

…continue reading Adobe’s security calamity: 2.9 million customer account details accessed

Does anti-virus work? Does Android need it? Reflections on AVG’s security suite

I’m just back from AVG’s press event in New York, where new CEO Gary Kovacs (ex Mozilla) presented the latest product suite from the company.

Security is a huge topic but I confess to being something of a sceptic when it comes to PC security products. Problems include performance impact, unnecessary tinkering with the

…continue reading Does anti-virus work? Does Android need it? Reflections on AVG’s security suite

Hands on with Microsoft’s Azure Cloud Rights Management: not ready yet

If you could describe the perfect document security system, it might go something like this. “I’d like to share this document with X, Y, and Z, but I’d like control over whether they can modify it, I’d like to forbid them to share it with anyone else, and I’d like to be able to destroy

…continue reading Hands on with Microsoft’s Azure Cloud Rights Management: not ready yet

Ubuntu forum hack sets same-password users at risk

Canonical has announced a comprehensive security breach of its forums.

Unfortunately the attackers have gotten every user’s local username, password, and email address from the Ubuntu Forums database. The passwords are not stored in plain text, they are stored as salted hashes. However, if you were using the same password as your Ubuntu Forums one

…continue reading Ubuntu forum hack sets same-password users at risk

Another reason to use tablets: desktop anti-virus does not work

The New York Times has described in detail how it was hacked by a group looking for data on Chinese dissidents and Tibetan activists. The attack was investigated by security company Mandiant.

Note the following:

Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products

…continue reading Another reason to use tablets: desktop anti-virus does not work

Windows 8 defeats booking.com virus

Someone trying out Windows 8 release preview brought her machine to me to look at. She was having trouble with an email attachment. The email was in fact carrying a virus, one that purported to be from booking.com though it had nothing to do with that company. The supposed booking is in an attached zip

…continue reading Windows 8 defeats booking.com virus

Macro virus reborn: ACAD/Medre.A steals drawings using AutoCAD AutoLISP

Remember the Concept virus? Someone wondered if you could make a self-replicating virus with a Microsoft Word macro. It worked; and the proof of concept soon became a real virus causing the usual mayhem and spoiling our clever VBA templates.

Microsoft locked down Office macros fairly effectively; but the idea lived on and has re-emerged

…continue reading Macro virus reborn: ACAD/Medre.A steals drawings using AutoCAD AutoLISP

The confusing state of Microsoft’s TMG and UAG firewall and proxy software

I have been trying out Microsoft’s ForeFront Unified Access Gateway (UAG) recently, partly because it is the only supported way to publish a SharePoint site for Windows Phone. This was my first go with the product, though I am already familiar with the Threat Management Gateway (TMG) and its predecessor Internet Security and Acceleration Server

…continue reading The confusing state of Microsoft’s TMG and UAG firewall and proxy software

Google and the UK Citizens Advice Bureau – an uncomfortable alliance

I picked up a Guardian newspaper today and could not miss the full-page Google+ advertisement. Or was it? The advertisement stated that it was from the Citizens Advice Bureau in partnership with Google. The Citizen’s Advice Bureau (CAB) is a well-respected (and genuinely useful) service which runs a network of offices in the UK where

…continue reading Google and the UK Citizens Advice Bureau – an uncomfortable alliance