  • WireX DDoS botnet takedown shows the best side of the security industry

    It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many people who really care about making the world a more secure place. We have seen many examples of researchers from competitor companies…

  • VB2017 preview: Your role in child abuse

    When previewing VB conference talks, I often get excited about presentations that are to showcase clever attacks and brilliant techniques to fight them. About Mick Moran’s VB2017 presentation though, rather than feeling excited, I feel uncomfortable. It is, however, one of the most important talks ever to have been presented at a Virus Bulletin conference,…

  • ROPEMAKER email exploit is of limited practical use

    Researchers at Mimecast have published details (pdf) of an email exploit they call ‘ROPEMAKER’ (short for ‘Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky’), which allows an email sender with malicious intentions to modify the appearance of an email after it has been delivered. The idea is rather simple: a lot of…

  • VB2017 preview: Mariachis and jackpotting: ATM malware from Latin America

    A few years ago, I saw an ATM being opened for the first time. “Hold on,” I thought, “this is really just a Windows XP PC!” Suddenly, I realised that, to attack an ATM, cybercriminals wouldn’t need to write anything like Stuxnet-level malware. Indeed, ATM malware has been on the rise, particularly in Latin America,…

  • VB2017 preview: Stuck between a ROC and a hard place

    Authors of security software in general, and anti-virus software in particular, have always needed to find the right balance between a high detection rate and a low false positive rate – something that has become even more important with advances in machine-learning detection technologies. Making the model too strict will result in false positives, while making…

  • VB2017 preview: Consequences of bad security in health care

    Earlier this month, at the SHA2017 hacking camp, among the professional hackers and security experts, there was one speaker with a rather unconventional CV: Jelena Milosevic’s day job is that of an ICU nurse at a Dutch hospital. But despite having a different background, Jelena is just as passionate about security as professional hackers, if…
