Do you know this guy? The troll? Internet Explorer fights back.

For years, Internet Explorer has been maligned as the browser that trails the others (Firefox and Chrome). However, to its credit, IE 9 and 10 has always performed very well in security tests, beating its rivals. Competition has resulted in three good browsers. But yet, Internet Explorer gets no love. Microsoft is aware of this…

2

Are spammers just like high frequency traders? Or is it the other way around?

A couple of weeks ago, we had a problem wherein a spammer signed up for our service tens of thousands of times and started sending out low volume spam. He would send a small blast and then discard the account. He would then move on to the next one and would send out the same…

3

10 Simple Things you should do to Protect your Privacy

A couple of months ago, Kashmir Hill over at Forbes published an editorial on 10 simple things you should do to protect your privacy. I thought I would repost them here. I’m not going to go into detail about the specifics because they are available at the article (and I am too lazy to retype…


Cyber security conference in Asia

I was contacted by a reader of mine about an upcoming conference in 2013 in Asia – the 3rd Annual Cyber Security for Government Asia 2013, to be held in Kuala Lumpur. I’m always interested by conferences over in Asia because I have so much less visibility into that part of the world. It feels…

1

Oh, Microsoft, where art thou?

In its recent Q3 2012 Threat Evolution, Kaspersky reported on the Top Ten Threats that it saw during the previous three months. Here they are with the percentage of users on whose computer the vulnerability was detected: 35% – Oracle Java 22% – Oracle Java again 19% – Adobe Flash Player 19% – Adobe Flash…

1

Israel also looking to a cyber army national reserve

The same day I wrote my blog post US potentially looking to establish a cyber army national reserve, I stumbled across another article in the Telegraph: Israel invests millions in drive for elite cyber warriors. But unlike the US national reserve cyber version, the Israeli version is more about fighting on offense than trying to…


A promising new antispam technique – does it deliver what it promises?

I’m always skeptical when I read about new antispam techniques, especially those ones coming out of academia. Today, while browsing news stories, I came across the following article entitled Scientists devise new technique to get rid of spam mail. Here are some excerpts: Researchers have proposed a new statistical framework for spam filtering that can…


The relationship between economics, malware and piracy

Today, I read a report released by the Legatum Institute where they published their 2012 Prosperity Index. In their research, they surveyed 142 countries and ranked them against eight variables: their relative Economies, Entrepreneurship & Opportunity, Governance, Education, Health, (personal) Safety & Security, Personal Freedom and Social Capital. You can read about their methodology at…

3

U.S. potentially looking to establish a cyber “army” national reserve

<My fist slams down on the desk in a satisfied act of self-congratulations> I knew it! A couple of weeks ago on my blog, I wrote a blog post entitled Will cyberwar create new rules of engagement? In it, I mused about the possibility of whether or not the government would ever draft people from…

1

How to measure False Positive rates

As someone who is in charge of our spam filtering here in Microsoft Forefront (i.e., I’m on the spam team and one of my tasks is to improve the service, but it’s not me all by myself), there are two critical pieces of information: What’s our spam catch rate? What’s our false positive rate? I’m…


Is the term “cyberwarfare” overstating the case?

At the Virus Bulletin conference last month, Andrew Lee from ESET gave a talk entitled “Cyberwar: Reality or Weapon of Mass Distraction?” In it, Lee talks about how the term “cyberwar” is thrown around a lot these days. However, he disagreed with the use of the term because it uses inflationary language and overstates the…


The Top Spamming Countries

A little over a week ago, Sophos published a blog post about the countries that sent the most spam in the third quarter of 2012. They found that India was number one on the list with 16% of the spam, followed by Italy at number two with 9% and the US at number three with…

2

The modern face of mobile malware

At the Virus Bulletin Conference last month in Dallas, Grayson Milbourne and Armando Orozco presented a talk entitled XXX Malware Exposed: An in-depth look at the evolution of XXX Malware. I have renamed it in this blog post to mobile malware because the techniques that malware writers are doing are not unique to any one…


A couple of unsurprising tidbits on passwords

Digital Trends published an article yesterday entitled What’s the Worst Password of 2012? Retaining the number one spot as the least secure password for yet another year, people that continue to use the phrase “password” as their personal password remain at the highest risk when it comes to hacking. Detailed in SplashData’s annual report, the…


Evaluating anti-virus products with field studies

Did you ever wonder how people get malware onto their computer? Or how effective real life A/V software is on zero-day malware? Or just malware in general? Current A/V evaluations have some drawbacks: They are based on automated tests and therefore are not representative of real life They do not account for user behavior They…