How to recover from Malware infestation? How to avoid getting malware in the first place

I encourage customers to architect machines such that data is stored in a separate partition of the hard disk – this makes it far less painful should the worst case scenario of machine rebuild be required. It’s certainly true that insidious malicious software often takes advantage of cloaking (rootkit) techniques and once present are very…


I’m NOT a Girl!

…but I have been to a Girl Geek Dinner and plan to go to more. As the name suggests they focus on the female perspective of technology. Of course I have no idea how many of you are Girl Geeks – if you are one then you can add your name to the WIKI and…


Where can I find out how to write secure code?

The Microsoft Application Security Website is a UK based resource that aims to help you write more secure code. The site includes links to the Developer Highway Code which is named after something that’s only likely to make sense to those of you who have lived in the UK. UK drivers are supposed to follow advice held…


Send a Muglet Birthday card!

Browse here  to find out how to create a muglet  together with a personalised song – you can send it to whomever you choose! Nothing to do with Security but I thought you’d enjoy it. I’m not going to post any more about Muglets now 🙂


Should you apply third party security fixes to Internet Explorer

In a word NO! There’s a thorough explaination of the logic behind this answer on the Microsoft Security Response Centre (MSRC) blog here. The MSRC own the responsibility of balancing the compromise between the risk of our customers being exploited through vulnerabilities versus the risk of applications breaking due to application of security updates. The team…


Secure I.T. or lose IT – an interesting securty blog

Browse here to read a new interesting security blog written by Paul Vincent – he’s titled it “Secure I.T or lose IT” which I particularly like.Paul blogs about “Microsoft security and how we can stop the bad guys from stealing our stuff” – it’s well worth a look Paul is a friend of mine who contributed…


Evidence of a website that appears to be hosting a malicious keylogger trojan horse

Trojan horses (software that includes “features” that may work against the user’s intentions) are hardly new, nor are keyloggers. I find it interesting that the “My Anti Spyware” blog includes a post detailing reports of an apparently malicious website that’s hosting a trojan keylogger. Click here to read the details for yourself. Recommendation: keep patched…


What threat do Keystroke Loggers pose to your environment?

Keystroke loggers take the form of hardware or software that record the keyboard activity of the target system. There’s an interesting article discussing both hardware and software keystroke loggers on the InternetSecurityOnline blog. Reading the article led me to conduct a little ad hoc research to grasp the prevalence on keystroke loggers. I browsed to…


Here’s the easy way to find practical advice from TechNet and MSDN blogs

Click here to browse to the search portal which enables you to search by keyword across all TechNet and MSDN blogs. It’s a handy site as you can search for blogs with specific keywords in their title (hence you can find all security oriented blogs) OR in their content (hence you can find all posts…