security Archives

Home » security

Why the Wannacry outbreak was so bad

Dave Farquhar security May 12, 2026May 12, 2026 1 Comment

On May 12, 2017, ransomware named Wannacry started spreading across the globe, infecting and encrypting Windows systems by exploiting CVE-2017-0144, a flaw that a two-month-old Microsoft patch, MS17-010, had fixed.

It quickly became one of the biggest Windows outbreaks ever. Why was it so bad, and what could have made it go better?

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

The Melissa virus of 1999

Dave Farquhar Retro Computing, security March 26, 2026March 26, 2026

The Melissa virus was a mass-mailing macro virus from March 1999. It was one of the more notorious computer viruses of the 1990s, and reportedly the author named it for a dancer he met in a Florida nightclub. Authorities quickly identified the author, David Lee Smith, and arrested him in New Jersey on April 1, 1999. He served two and a half years in prison and paid $7,500 in fines for creating the virus.

Dave Farquhar

dfarq.homeip.net

Remembering the Michelangelo virus

Dave Farquhar security March 5, 2026March 5, 2026

Remember the Michelangelo virus? If you don’t remember, on March 6, 1992, Michelangelo was programmed to overwrite the first 100 sectors of a hard drive–not quite as destructive as formatting a drive, but to the average user, the effect is the same. It was a huge scare–John McAfee predicted five million computers would be affected–but largely was a non-event.

Those of you studying for security certifications would do well to remember that Michelangelo is a prime example of a virus and a logic bomb. Viruses replicate; logic bombs do something when an event triggers. Malware doesn’t always fit neatly into specific categories–crossovers are common.
Read more

Dave Farquhar

dfarq.homeip.net

Year 2038 problem

Dave Farquhar security January 19, 2026February 19, 2026

We need to talk about the year 2038 problem. The year 2038 problem exists on Unix and Unix-like systems, and other software that borrowed the Unix time standard. The problem is that on January 19, 2038, the 32 bit integer that Unix uses to represent time is going to wrap around. And then the computer is going to think it is December 13, 1901. If this sounds a lot like the Y2K problem, you’re not wrong. The dates involved are different, but the effect is very similar.

Dave Farquhar

dfarq.homeip.net

The Egghead breach of 2000

Dave Farquhar Retro Computing, security December 24, 2025October 25, 2025

It was 25 years ago, December 22, 2000, that Egghead’s website, egghead.com, was hacked, exposing 3 and 1/2 million credit card numbers. This incident raised a question we’ve been asking ever since. How do we know that our payment information is safe?

Dave Farquhar

dfarq.homeip.net

Why Intel acquired McAfee, then un-bought it

Dave Farquhar security August 20, 2025August 20, 2025

On August 19, 2010, CPU manufacturer Intel purchased antivirus maker McAfee. At the time, few people knew why. And let’s just say fewer people were surprised when Intel unacquired McAfee in April 2017 than they were when they made the acquisition.

Dave Farquhar

dfarq.homeip.net

Code Red worm, July 13, 2001

Dave Farquhar security July 14, 2025May 17, 2025

Code Red was a computer worm that exploited one of the earliest notorious Microsoft vulnerabilities, a buffer overflow in Microsoft IIS. It is credited as the first large scale mixed threat attack against enterprise networks. Code red was released July 13, 2001 although it was first observed July 15, 2001. Infections peaked July 19, 2001, infecting 359,000 servers worldwide.

Dave Farquhar

dfarq.homeip.net

Troubleshooting long scan times in Tenable Security Center

Dave Farquhar security March 23, 2025March 23, 2025

I can never find this when I need it, so I am going to write up how I troubleshoot long scan times in Tenable Security Center. And if it helps you too, so be it. Usually when a Security Center scan takes forever, it’s because one or two hosts is responding much more slowly than the rest, holding up the entire scan. The scan won’t complete until every system finishes. Finding the slow hosts so you can troubleshoot them, or at least move them to their own scan, can help you keep the scan from dragging on forever.

Dave Farquhar

dfarq.homeip.net

Why we call software updates patches

Dave Farquhar security March 11, 2025March 3, 2025

It’s Patch Tuesday, the day Microsoft and Adobe grace us with new software updates to track, argue about, and maybe someday deploy to our computer systems. But have you ever wondered why we call software updates “patches?” What’s the meaning of the word patch?

Dave Farquhar

dfarq.homeip.net

Should you use a face scan, fingerprint, or passkey?

Dave Farquhar security February 11, 2025February 10, 2025

What’s better, biometrics like a fingerprint or face recognition, a pass key, or old fashioned passwords? A couple of different conversations I had recently spurred this question, and I think it’s worth exploring.

Dave Farquhar

dfarq.homeip.net

← Previous