If you know the Conficker dude, we’ve got a prize for you

Yesterday (12 February 2009) Microsoft announced a partnership with technology industry leaders and academia to implement a coordinated, global response to the Conficker (aka Downadup) worm. Together with security researchers, Internet Corporation for Assigned Names and Numbers (ICANN) and operators within the Domain Name System, Microsoft coordinated a response designed to disable domains targeted by Conficker….


Attacks against integrity

I’ve been mentioning this frequently during my talks in the last 12 months: that accidental or malicious data modification is yet something else we need to defend against. Richard Bejtlich wrote last year about attack progressions, and this year summarized an accidental integrity error that created minor havoc at Veteran’s Affairs health centers. Richard’s progression…


Poll: do you use scheduled scans for malware?

An  interesting comment recently appeared on my older post about whether or not to use antimalware software. Peter van Dam wondered whether scheduled scans are really necessary, given that anti-malware products scan files as they enter (and sometimes exit) a computer. He raises a good point, and I’m curious what all of you think? Do…


Throw away your digital picture frames

Surely time itself has warped and it’s suddenly April 1st. Come on, if you read the following, wouldn’t you first think it was a hoax, as did I? Virus from China, the gift that keeps on giving An insidious computer virus recently discovered on digital photo frames has been identified as a powerful new Trojan…


Supporting your family, friends, and neighbors

By Steve RileySenior Security StrategistTrustworthy Computing Group, Microsoft Corporation(originally published at http://www.microsoft.com/technet/community/columns/secmgmt/sm0208.mspx) I’ve met thousands of IT pros during my years speaking at conferences around the world. And if there’s one thing that’s true for all of us it’s that all IT pros become support professionals for their family, their friends, and their neighbors—your “FFN”…


More on Autorun

Last month, in my post “Autorun: good for you?” I described why I believe you should disable Autorun on all computers in your organization. I also explained how you can do this for XP and Vista computers. Well, it turns out that Windows will override this setting if you insert a USB drive that your…


What’s your data worth? More importantly, to whom?

This week, I’m attending and spoke at a cybercrime conference in Singapore. One of the presenters made a very good point, and I want to share it with you. When considering how to protect your data, don’t consider how valuable it might be to an attacker. Always, instead, consider how valuable it is to you….


More on the necessity of antivirus software

A few days ago, I wrote a brief post about my non-use of antivirus software on my own computers. A number of people have asked me privately if I am recommending such a stance to other individuals or to organizations. Let me be perfectly clear: absolutely not. For the vast majority of folks, the four…


Autorun: good for you?

Yes, if you’re a five-year-old and you’re tired of always asking mom or dad how to start the game on the CD. No need to know how! Just pick up the disc (a little peanut butter on your fingers helps with the grip), slide it in the drive, and wait for the game to start….


Antivirus software — who needs it?

In the newsgroups a few weeks ago, someone asked about which anti-virus software is best for experts. This is a really curious question. I’ve been involved in computer security — as a practitioner, a consultant, and an instructor/speaker — for several years. I feel fairly confident in calling myself an expert. I don’t run anti-malware…