Monday, December 01, 2008

suggested reading

  • As stock market drops malware rises - PandaLabs
    it's not even marginally novel to suggest that malware authors take advantage of the emotional reactions people have to significant world events, be they tsunamis, ice storms, or presidential elections... thus, it it shouldn't come as any great surprise that when people feel their personal finances are vulnerable they are more likely to fall for fake security software, ironically in an attempt to better protect themselves...
  • Schneier on Security: The Neuroscience of Cons
    schneier says fascinating and i have to agree... i just wonder how well this applies to the kinds of social engineering we see in malware and related online threats...
  • ThreatExpert Blog: McColo - Who Was Behind It?
    the story behind the story of mccolo... i wonder what the rap group's connection with the carders was (ie. why were rappers sending out their message for them)...
  • White Listing – The End of Antivirus??? | ThreatBlog
    another balanced whitelisting opinion... i especially like the airbag vs seatbelt metaphor at the end... blacklists and whitelists complement each other, folks - one is not a replacement for the other...
  • Shoulder Surfing a Malicious PDF Author « Didier Stevens
    interesting post about a couple pieces of pdf-embedded malware... the takeaways are 1) malware authors are STILL not great programmers (seems like script kiddies are packaging their 'work' in other files now), 2) incremental update functionality allows script kiddies like this to 'show their work', and 3) script kiddies don't learn from the past (re: formats that contain unique identifiers - might want to ask david l smith about the consequences of that)...
  • Spire Security Viewpoint: WabiSabiLabi Update
    wabisabilabi to close? sounds like good news to me... auctioning off vulnerabilities is a slippery slope that leads to providing a financial incentive for the general public to create attacks, which really isn't a precedent we as a society should be setting...
  • Pirates and Internet Crime - F-Secure Weblog : News from the Lab
    one of the most salient points i've seen made about online crime in a long time... it is indeed as much a social problem as it is a technological one - it is a subset of crime and the reasons for it's existence or it's driving factors are the same as those for conventional crime... so long as those social factors exist so too will crime (both online and offline)...

0 comments: