Pinterest is a fast-growing social network with a demographic that is of much interest to advertisers. Unfortunately, they are also of interest to malicious folks spreading malware and building botnets. Last night, my wife stumbled upon something that looked awfully suspicious while she was browsing Pinterest. With a bit of digging, I found an attempt to make the setup less … [Read more...]
Two more examples of people being dumb online
TMI, or Too Much Information, describes what far too many people are posting online. Not even taking advantage of privacy options on the social networks, many are posting a scary amount of information without a second thought. Here's one example from Twitter and another from Facebook. … [Read more...]
Avoid websites that store your password in plaintext
If you forget your password to a website and your 'forgot password' request is answered with your password being emailed to you, there's a problem there. Your password should at least be hashed with one-way encryption and stored in the database securely. Even though it's convenient, it's very bad security. As was exhibited by several database breaches recently, even hashed … [Read more...]
The cynic’s guide to security product presentations
Just as we saw what every stereotypical presentation looks like, here's a video that highlights the formula that almost every security product presentation follows. It's a bit painful to watch because it reminds me of a lot of wasted time sitting through presentations and webinars but it's also entertaining because it's nice to know I'm not the only one thinking these things. … [Read more...]
Watch Mark Russinovich hunt malware with SysInternals tools
At a TechEd 2012 session earlier this week, Microsoft Fellow (SysInternals developer and author) Mark Russinovich presented. In the session, he used several Sysinternals tools to show their usefulness not only in just diagnosing and troubleshooting a Windows PC but also engaging in the hunt for malware. This session provides an overview of several Sysinternals tools, including … [Read more...]