Clever “Adobe Risk Management” Fake Alert

Earlier this year, I posted an example of a ridiculously contrived attempt to propagate malware. As amateurish as that one was, this one is the exact opposite: a very clever and convincing ruse. The message purports to be courtesy of an Adobe “Risk Management” official, referencing a known Acrobat exploit, and urging the application of a patch. What made it quasi-legit was not the fact that it came from Adobe, but that it came as a simulated mail thread from company VP to company VP, ultimately addressing an end-user by name and directing her to take action. I am not a malware expert and did not deconstruct the PDF or EXE to know if or what was infected, but it all seemed suspicious enough to me…



Copying from Copy Machines

The leased copiers used by my former [bankrupt] employer are soon to be retrieved by the vendor. We need to make sure that the internal hard drives are wiped clean, since – in addition to the ex-company – the on-site bank Assignee used them during the ABC process, and they likely contain what would be considered sensitive info.

Internal disks are used in copy machines for batch runs as well as scan-and-hold print jobs, and are a potential gold mine for data thieves. I don’t see an easy way to “wipe” in the admin functions, and I am not sure of the legal implications of simply taking a hammer to the HDD (given that the property has reverted back to ownership of the lease-holder). We need to make a point of asking the vendor.

The EU is proposing legislation, albeit aimed primarily at PCs and other devices, that conceivably could spill over and impact potential copier data breaches as well.

I Spokeo Too Soon

Perhaps you may have heard of Spokeo? I assume it is pronounced Spo-Keo rather than Spoke-Oh. It is billed as “not your grandma’s phonebook”. It claims to have been around since 2005, but I have only just now heard of it. I haven’t seen much press, but it certainly is getting word-of-mouth buzz. And not in a good way. Much of it is more concern than interest.


Internet Speed

In 2004, the average time for an unprotected computer to get infected with malware was 20 minutes. In 2006, that dropped to 12. These days, it can be measured in seconds. But that metric is typically focused on Windows PCs exploited by viruses and botnets. What about other platforms like Linux? Anecdotal evidence suggests that it is truly a scary world out there for everyone.


Anatomy of a Malware Mail Message

The difference between a virus and spyware is a real grey area. Many anti-malware tools excel at stamping out one, but can let the other slip through. Because of this, I try to caution my users not to assume our lines of defense are infallible. ABC: always be cautious.


Is Your Hosting Provider Destroying Data?

My hosting provider is knowingly destroying “my” data, and I was livid when I found out. But it turns out that this is normal practice for many (if not all) shared-server providers, even if they do not immediately disclose it.


  • Copyright © 1996-2010 The Dark Side Geek. All rights reserved.