Category: Computer Crime

The Curious Case of Annie Myous: Part II

In one of my recent posts, I described how I was contacted by a young lady on Google Plus, and how I was having trouble tracking down the scam. Well, now that I know for sure it’s a scammer, rather

Posted in Computer Crime, Dialogue, Social Engineering

Waging War in the Digital Age

What are the ethical ramifications of waging war via computer? Does war even have to be declared? Where are the boundaries in the virtual world? What happens when machines begin to think for themselves? These are the questions I explore

Posted in Computer Crime, Ethics

The Immutable Friday Fav Five for September 23, 2011

Here are the five or more links that I found interesting for this week: This is just all kinds of awesome. It’s not that I am with the bad guys, but when they get this creative you have to give

Posted in Computer Crime, Intrusion Detection, Log Analysis, Secure Design, Vulnerabilities Tagged with: ,

The Immutable Friday Fav Five for September 9, 2011

Here are the five links that I found interesting for this week: The Shadowserver foundation is comprised of a group of volunteer security professionals who gather information about Internet-based crime. One of the more interesting projects is a compilation of

Posted in Computer Crime, Dialogue, Incident Response, Intrusion Detection, Log Analysis, Research, Secure Administration, Secure Design, Standards, Systems Hardening Tagged with: ,

The Immutable Friday Fav Five

Here are the five links that I found interesting for this week: Mitigating the Apache Range Header Attack. This is a pretty good overview of several ways you can protect yourself for little to no cost. Also, see my post, Detecting

Posted in Computer Crime, Encryption, Incident Response, Intrusion Detection, Log Analysis Tagged with:

Don’t Swallow the Blue Pill Just Yet

Virtualization is a quickly growing area in IT right now. The prospect of running dozens of virtual servers on one physical server is most appealing. As long as licensing costs don’t eat up too many of the savings, it really

Posted in Computer Crime, Risk Management, Secure Administration, Systems Hardening Tagged with:

Detecting the Apache Range Header DoS Attack with OSSEC

If you run Apache, you may have heard about the DoS vulnerability last week. Apache suffers from a condition where an attacker can remotely cause the web server to consume huge amounts of memory. This causes the system to be

Posted in Computer Crime, Intrusion Detection, Log Analysis, Research, Standards Tagged with: ,

The Immutable Friday Fav Five

One of the reasons I started this blog was to share things I had encountered in the security and privacy world. I have done quite a bit of editorializing, but not too many of the quick and useful posts. I

Posted in Computer Crime, Incident Response, Intrusion Detection, Log Analysis Tagged with: , , ,

Breaking Down the Advanced Persistent Threat

Sometime when I wasn’t paying attention, a bunch of marketing folds must have gotten together to come up with a new, catchy acronym. I imagine the meeting must have gone something like this: Joe: We’re not selling enough of our

Posted in Computer Crime, Incident Response, Intrusion Detection, Risk Management Tagged with:

Beware of Payscale.com

Awhile back, I blogged about how not to handle notification of a possible breach. In that case, I began to receive spam to a very unique address only used at one place. When I attempted to report the potential breach,

Posted in Computer Crime, Ethics, Incident Response Tagged with: