Measure and counter measure – malware and anti-malware

There is a small, high-tech and rather geeky war going on and the battlefield is your PC. Like any war, each side is trying to learn from the other. This war is for the ownership of resources – and ultimately for money. Maybe most wars are. Let us look at some of the details.  …

Malware that wants to stay – Some passive protection tricks

Hello again. I wanted to talk about some of the things that malware does to make itself hard to remove. Most Trojans are designed to work on an average XP workstation and make assumptions based on that – which typically breaks servers in rather nasty ways. I was recently looking at a Russian…


Security Updates – Are they the answer?

Ah, another “update Tuesday” – known to the rest of the world as “patch Tuesday” but we are not supposed to call it that. We have a fine crop of updates for you but I am not going to talk about those, partially because we won’t be releasing them for several hours and partially because…

Antimalware tools and tricks

Ah, I am back in the office and settling in to my normal day-to-day work. I am fairly often asked to remove malware from systems which the anti-malware programs on that particular PC system can’t handle. In fairness, it is often not the AV product’s fault. Most (more than 75%) of malware…


Doing it yourself.

Hello again. Two blogs in less than 48 hours? Whatever could be happening? No, this is not a reference to the issue documented in http://www.microsoft.com/technet/security/advisory/943521.mspx which is interesting but certainly not widely exploited in Europe. No, today I would like to relate what I did on Wednesday night. I was helping a friend redecorate –…

Can you break Law #1 and get away with it?

To save you scrolling down, let me restate Law #1 of the immutable laws of security: “If a bad guy can persuade you to run his program on your computer, it’s not your computer anymore” Is there any possibility that it is safe to do business with a computer that has malware on it? The…

Targeted attacks – a sniper rifle, not a scattergun

Malware is often thought of as an equal opportunity nasty. After all, real viruses affect the rich and poor equally. However, things are not as they once were. In the heady days of Blaster and Slammer and Nimda et al, the malware would infect anyone that it could. Worms are not often found these…

How malware likes to hide

Well, technically, how malware writers like to hide malware. In my last post, I talked about subversion – hacking the OS not to see the malware. That is part of the rootkit. Not all malware uses a rootkit and all malware has to avoid detection by signature-based anti-malware tools like standard anti-virus solutions and…

Malware over the years. It is only paranoia if they are not out to get you

In a slight change of pace, I would like to talk about malware and how things have evolved. I am not exactly a spring chicken which surprises some people because I am still part of the support organization. I like it here – I am working on real problems that affect real people. Working on…
