Archive for the 'Security' Category

Microsoft Windows Intune review

Thursday, January 26th, 2012

iTWire: Microsoft’s new enterprise-grade security system learns a lot from Security Essentials.

Letter from a CIO: why Conficker won’t hurt our company

Tuesday, March 31st, 2009

You know a virus is big news when suddenly your users start asking about it instead of the usual “Good news” hoax variants (you know, “my friend’s brother’s uncle’s IT guy said don’t open an e-mail with the title ‘good news’ or it will melt your whole computer and eat your house. Microsoft has said there is NO cure !!!!!!”).

Now, good network admins already have their infrastructure under control – both for present and for future threats.

So, it’s prudent to send out an affirming message at this time letting your users know that they can have confidence their data will be protected from harm and they won’t suffer downtime.

Here are some template e-mails you can use – and not just for Windows, but for the Linux and MacOS guys too!

SQL injection is alive and well …

Friday, November 14th, 2008

If you run a web site you need to protect yourself from SQL injection. Sure, everyone should know this by now but obviously not everyone does – or cares. Here’s how within seconds I found two vulnerable sites using Google and logged in using SQL injection.

Microsoft DevSta hacked and defaced

Tuesday, October 7th, 2008

Sadly, the Microsoft DevSta competition submissions page suffered some malice from ill-intentioned people.

I wrote about it on iTWire, including screenshots for posterity. Microsoft Australia have now removed the vandalism.

This story made it to the front page of Slashdot.

Trojan steals Gmail passwords – and charges for it

Wednesday, March 12th, 2008

iTWire: Nobody wants to lose their e-mail. So, for Gmail users, G-Archiver seemed like a great buy. For $US 29.95 this shareware app will make a duplicate of your Gmail account on your hard disk, for as many accounts as you like. What its users didn’t count on was that G-Archiver’s authors helped themselves to your Gmail username and password too. Here’s the scoop.

The dark side of open source: Hacking MySQL

Sunday, February 10th, 2008

iTWire: Open source software advocates – like myself – will point out that a user can have confidence in the application’s integrity because the program code is readily viewable. However, not everyone who reads source code has pure intentions. Here’s how MySQL has been cracked in the past, and how you can keep safe.