A watering hole attack is an indirect attack on a victim. Rather than directly attacking the victim’s network, the attacker compromises a web site that the victim’s employees are likely to visit. The attacker then uses that web site to attack the victim’s network through the victim’s own workstations. A former colleague asked me how you protect against watering hole attacks, and I thought this was a good exercise. So here are some strategies for watering hole attack prevention.
What went wrong with Windows Vista? If you were around when it launched, you probably wouldn’t argue with me if I said the things that went right were easier to count than the things that went wrong. Windows XP lived nearly forever because Vista was so bad.
I’ve talked a lot about the advantages and disadvantages of old milestone operating systems. But what were the advantages and disadvantages of Windows NT 3.1? That’s a fair question.
On Monday, March 13 at approximately 10:30 AM CST, I will be appearing on KFUO Radio’s Faith and Family program to discuss home computer security with host Andy Bates. One of the questions he’s planning to ask: How can I know how secure my home computer is? Or, to put his question another way, how safe is my computer from hackers?
I’m going to use this space to elaborate ahead of time on some of the things we are going to talk about. We could talk for an hour on any of the questions he’s going to ask, and he gave me three questions and 25 minutes. This is my workaround.
I got an HP Elitebook 8440p because I wanted something a little newer and faster than my old Dell E1505. It was certainly newer and faster, but it had a problem. Every morning it greeted me with a BSOD. That E1505 was getting older and it had its own quirks, but I don’t remember it ever bluescreening on me. Here’s how I fixed the bluescreens I got with the HP Elitebook 8440p and Windows 10.
Not only did it bluescreen, but the behavior seemed pretty consistent. Two days in a row, I woke the laptop up from hibernation, and about nine minutes later, it bluescreened.
Cleaning the Windows registry is a popular and controversial topic. Many pundits tell you never to do it. When I wrote a book about Windows back in 1999, I dedicated most of one chapter to the topic. But today the pundits have a point. Most registry cleaning utilities do much more harm than good. I don’t recommend you clean your registry, per se, but I do recommend you maintain it.
I don’t want to dismiss the concept completely out of hand. There’s a difference between a bad idea and a bad implementation. Registry cleaning and maintenance is a victim of bad implementation. But that doesn’t mean it was a bad idea. So let’s talk about how to get the benefit while minimizing the drawbacks.
Yesterday, half the Internet was broken. I knew something was wrong when I couldn’t get into Salesforce to check on a support ticket for my biggest customer. Another member of my team sent us a warning that a big DDoS attack was happening, and not to count on being able to issue very many quotes today. So what, exactly, is a DDoS attack and how do DDoS attacks work?
I suppose there’s another question to ask too: What can you do to avoid being part of the problem? We’ll save that for the end.
From time to time, I hear the question of what the advantages and disadvantages of Windows 3.0 were. Windows 3.0, released in May 1990, is generally considered the first usable version of Microsoft Windows. The advice to always wait for Microsoft’s version 3 is a direct reference to Windows 3.0, and it still gets repeated frequently today.
Although Windows 3.0 is clumsy by today’s standards, in 1990 it had the right combination of everything to take the world by storm.
The most infamous Microsoft patch of all time, in security circles at least, is MS08-067. As the name suggests, it was the 67th security update that Microsoft released in 2008. Less obviously, it fixed a huge problem in a file called netapi32.dll. Of course, 2008 was a long time ago in computing circles, but not long enough ago. I still hear stories about production servers that are missing MS08-067.
Last week, Microsoft took a look back at MS08-067, sharing some of its own war stories, including how it uncovered the vulnerability, developed a fix, and deployed it quickly. It’s unclear who besides Microsoft knew about the problem at the time, but one must assume others were aware of it and using it. They certainly were after the fall of 2008.