Brian Krebs Archives

Home » Brian Krebs

The problem with ditching Flash and Java

Dave Farquhar security October 28, 2015October 27, 2015apple, Brian Krebs, JRE, Whitelist

Last week Adobe issued an out-of-band Flash patch, and once again Brian Krebs urged people to ditch Flash, noting that he’s done so and hasn’t missed it.

We decided to try ditching Flash at work a few months ago, but it didn’t go quite so smoothly for us. I thought I’d share my experience.

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

More Home Depot details emerge

Dave Farquhar security September 22, 2014September 20, 2014antivirus, breach, Brian Krebs, code execution, Data breach, home depot, malware, Payment systems, Retailing, vista, vulnerability, Windows Server, Windows Server 2003, Windows Vista, Windows XP

Late last week, Home Depot finally released a statement about its data breach. At least they had the decency to call the attack “custom” and not spin it as “advanced” or “sophisticated.” Even “custom” is really a euphemism, as the attack wasn’t all that different from what other retailers experienced earlier in the year. It may have been as simple as recompressing the BlackPOS malware using a different compression algorithm or compression ratio to evade antivirus.

The breach involves about 56 million cards, making it a bigger breach than Target. Read more

Dave Farquhar

dfarq.homeip.net

Five malware myths

Dave Farquhar security April 18, 2014July 23, 2017antivirus, Brian Krebs, malware, spyware, Whitelist

I found a story called Five Malware Myths and take no issue with anything it says. Run antivirus, whitelist your program directories, run EMET, and you’re reasonably protected but not invincible. But nobody is as invincible as the majority of people seem to think they are.

Let’s take them one by one.

Dave Farquhar

dfarq.homeip.net

EMET protects against what your antivirus cannot–and it’s free

Dave Farquhar security July 1, 2013November 29, 2015antimalware, antivirus, Brian Krebs, firefox, hp, microsoft word, optimizing windows, randomization, vulnerability, windows 7, Windows XP

A few years ago, Microsoft quietly released a security tool called EMET–the Enhanced Mitigation Experience Toolkit. EMET is now in version 4.0, and it’s probably the best security tool you’ve never heard of. And that’s a real shame.

Modern versions of Windows and modern CPUs include several security-enhancing technologies that aren’t necessarily switched on by default. EMET is a wrapper that forces software to use these technologies, even if they weren’t designed from the get-go to use them. The idea, then, is that if a badly behaving data file tries to exploit a traditional vulnerability in one of these programs, EMET steps in and shuts it down. A real-world example would be if you visit a web page that’s playing a malicious Flash video, or that contains a malicious Acrobat PDF. The malicious data loads, starts to execute, and the minute it misbehaves, EMET slams the browser tab shut. You won’t know right away what happened, but your computer didn’t get infected, either. Read more

Dave Farquhar

dfarq.homeip.net