Oct 19
Security

Boy, do I have news for you security people out there: I have a 100% reliable way of breaking all encryption! I call it the "Evil Thug" attack. I provide this service for a small fee. The entry-level service will get me or an employee for an hour; this is all it will take to break any encryption in the world (and no, we don't need a prostitute, even for 2048-bit RSA encryption).

Continue reading "'Evil Thug' goes after Full-Disk Encryption"

Posted by Dominic White

Last modified on 2009-10-24 16:15
Oct 19
Security

This weekend was rather eventful, and we learned a valuable lesson about viruses, security software, and professional scepticism in IT environments. I've briefly documented it below so you can learn from our mistakes.

Last week Wednesday a virus was detected on a client's network. The anti-virus (AV) host intrusion prevention system (HIPS) was updated to block access to the URLs the virus was using to fetch its payload and other control instructions. However, the domain lookups[1] to these URLs increased massively by Friday, so much so that they caused the internal firewalls to fail due to the load from trying to inspect this traffic. Domain lookups were then blocked at the firewall, but the source of the lookups persisted. However, network access was restored and outwardly there was nothing wrong.

Continue reading "When AntiVirus was the Virus"

Posted by Dominic White

Last modified on 2009-10-20 00:07