As you might know, solving CAPTHCAs is not really a difficult task for the underground economy. Initially, they wrote code to do it – but then learned that it is easier to outsource the puzzle solving to cheap labor. For a few dollars you can have a CAPTCHA farm solving 1000 CAPTCHAs for you. Fairly . . . → Read More: The Future of CAPTCHAs?
This morning I read an article on Infoworld: Why you should care about cyber espionage which – to me – is a strange question. First of all, most companies have to protect some sort of intellectual property. It is not new for the Internet, that state-driven espionage not only targets state’s secrets but industrial espionage . . . → Read More: Cyber Espionage and Targeted Attacks
Depending on where I travel and with which customers I talk, patch management is still the number 1 issue coming up. Not only is the challenge to deploy the updates – much worse, there is still an awareness issue in a lot of markets. People know that they should patch but too often do not . . . → Read More: The Challenge of Patch Management
Typically January is the month where we are asked to make predictions on the trends for the New Year. I do not like this as I am an engineer and not a fortune tellerJ. But there are things we know and things we definitely need to drive this year. I would actually put it into . . . → Read More: Security in 2013 – the way forward?
In the recent months, we have seen more and more targeted attacks towards our customers. A lot of them use a technique called Pass the Hash. This made us publishing a paper, which explains Pass the Hash but much more important shows some fairly simple to implement mitigations against this type of attack. As they . . . → Read More: Mitigating Pass the Hash Attacks
Trustworthy Computing just released two papers on current issues:
Determined Adversaries and Targeted Attacks Whitepaper
This paper shares Microsoft’s insights into the threat that Determined Adversaries and Targeted Attacks pose, identifies challenges for organizations seeking to combat this threat category and provides a context for other papers that will directly address each of those. . . . → Read More: Two Papers on Current Issues
You should spend 15 minutes on this TED talk – really worth it!!
A while ago, when I was travelling a journalist told me that he never pays for our software as he can easily download a tool to crack Windows XP (he was still running XP). We had an interesting discussion afterwards (besides the fact that he showed me how he steals our goods) about security. He . . . → Read More: Security Implications of Pirated Software
Wow, that’s an interesting question:
Let’s say a Canadian flies from New York to Tokyo on Korean Air and hacks the German tourist’s computer seated in front of her while over the Pacific. Who’s laws apply? (Canada, US, Japan, Korea, Germany?)
I mean, we have a hard time answering this question if everybody . . . → Read More: Hacking on the plane: who has jurisdiction?
This would really be outstanding!! Swiss scientists develop algorithm to sniff out the source of malware and spam attacks
Especially if it can be used by the police to get them!