Showing posts with label virus. Show all posts

Tuesday, 23 July 2013

Royal Scams






It's great news that William and Kate have had a royal baby boy!


However, as with most high-profile news stories, you need to be very cautious of scammers and fraudsters using the good news as a means of distributing malware and committing fraud.

Remember, if it sounds too good to be true, then it probably is!

If someone's sending you a link to a picture or something else then you need to keep a few things in mind:

1. Just because a link or email has come from a trusted friend doesn't mean that it's a safe email. Their account might have been hacked.

2. If it's legitimate and nothing bad or malicious then it should be available elsewhere on the net - places like the BBC website keep up to date with all the news and gossip - try looking there 

3. Always be careful opening attachments. 

Tuesday, 22 January 2013

ISP Phone SCAM



It's a crime!

The dodgy folk are now trying a new variation on the previously mentioned Microsoft Scam.  

They've obviously realised that word has got round and nobody trusts the "I'm speaking from Windows" speech, so now they've replaced it with "I am from Technical support at your Internet Service Provider". They say something along the lines of "we have noticed on our servers that each time you switch your computer on, you are not getting full internet speed and this is because of a virus on your machine."



Thursday, 10 January 2013

Null Terminated String Copy





Research into a heap buffer overflow error in the Windows XP version of NetApi32.dll reveals that the code is using a null-terminated string copy. The patched version of the same DLL shows that the copy code has been replaced by a better function that checks the size of the destination buffer.
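
The contrast described above, as an added example that is not code from NetApi32.dll or from the original post: a copy that stops only at the source's terminator, beside one that takes the destination size and rejects an oversized source. The function names, sizes and input string are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define BUF_SIZE  16  /* constructed: destination buffer size */
#define NEIGHBOUR 64  /* constructed: stand-in for adjacent heap data */

/* "Before": stops only at the source's NUL; dst size is never consulted. */
static void copy_unbounded(char *dst, const char *src)
{
    while ((*dst++ = *src++) != '\0')
        ;
}

/* "After": destination size is a parameter; an oversized source is rejected. */
static int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t i;
    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;
    for (i = 0; i < dst_size; i++) {
        dst[i] = src[i];
        if (src[i] == '\0')
            return 0;       /* string and terminator fitted */
    }
    dst[0] = '\0';          /* too long: fail closed, do not truncate */
    return -1;
}

/* Copy src into the first BUF_SIZE bytes of an arena and report whether the
   bytes after it changed. One array holds both regions, so the overrun
   stays defined behaviour in this demo. */
static int neighbour_clobbered(int use_bounded, const char *src)
{
    char arena[BUF_SIZE + NEIGHBOUR];
    size_t i;
    if (strlen(src) >= sizeof arena)
        return -1;          /* refuse input the demo arena cannot contain */
    memset(arena, 0, BUF_SIZE);
    memset(arena + BUF_SIZE, 0x5A, NEIGHBOUR);  /* marker bytes */
    if (use_bounded)
        (void)copy_bounded(arena, BUF_SIZE, src);
    else
        copy_unbounded(arena, src);
    for (i = BUF_SIZE; i < sizeof arena; i++)
        if ((unsigned char)arena[i] != 0x5A)
            return 1;
    return 0;
}
int main(void) { printf("%d\n", neighbour_clobbered(1, "constructed")); return 0; }
```

With the unbounded copy, the amount written is decided entirely by the input; with the bounded copy, an input that does not fit leaves the neighbouring bytes untouched and returns an error the caller can act on.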


Saturday, 5 January 2013

It's all about trust




Before the days of social networking, hackers and malicious types had to rely on email to distribute their evilness. They'd send an email with an infected attachment, dressed up as something interesting and designed to tempt you into opening the file. Things like "Cat does handstand on top of dog's head", "Naked Man with big tennis balls at Wimbledon" or "Cute girl on Channel 4 Countdown spells rude word". Most people caught on to the fact that a lot of these unsolicited emails will most likely contain a virus, meaning that trust in email attachments has been lost and the possibilities of attack via email have become much smaller.

Moving into the 21st century, the overwhelming popularity of social networking sites such as Facebook and Twitter provides the malicious hacker with a whole new and far more powerful means of infecting hundreds, thousands or even millions of people - the reason is TRUST.


Tuesday, 1 January 2013

Telephone Scam - Not Microsoft or Windows



If someone phones you up and says that they're from Microsoft or "Windows" and that there's a problem with your computer being infected by a virus,  just say "no thanks" and hang up.

It's not Microsoft or anything to do with Windows - they never phone people up at home out of the blue like this.


It's a scam!  

Some of the aims of the scam are:


  • Gain access to your computer to install viruses and other bad programs to monitor everything you do
  • Obtain banking information - credit card information
  • Charge you a lot of money for supposedly fixing this problem that doesn't exist

Sunday, 30 December 2012

Which are more dangerous? Adult or Religious websites




In 2011, Symantec found that despite the public "image",  sexually explicit websites that host "adult films" were less likely to pose a security threat from malware compared to religious and ideological websites.    


Friday, 28 December 2012

MS08-067 As used by Conficker and Stuxnet


How do Worms travel?
Strictly speaking, a computer virus doesn't spread across a network whereas a computer worm can travel from machine to machine. But how do worms move between machines?

A vulnerability with the catchy name of MS08-067 was used by Stuxnet and Conficker to worm themselves across Local Area Networks, but how did it work? I spent a reasonable amount of time reverse engineering the vulnerability to discover how it was exploited.