Jesper Johansson's Blog : Security

Passwords are here to stay

Jesper's Blog — Sun, 11 Oct 2009 05:54:00 GMT

At least for the short to medium term. That is the, quite obvious, conclusion drawn in a Newsweek article entitled "Building a Better Password." The article goes inside the CyLab at Carnegie-Mellon University to understand how passwords may...(read more)

And finally, standard user malware

Jesper's Blog — Tue, 01 Sep 2009 06:21:00 GMT

Today I finally got wind of my first piece of true standard user malware. MS Antispyware 2008 has turned standard user. The version in question installs the binaries in c:\documents and settings\all users\application data\<something>, and makes...(read more)

Please do not e-mail my social security number

Jesper's Blog — Wed, 28 Jan 2009 05:38:00 GMT

Recently I had a very interesting incident. I wrote an article some time in 2008 and the publisher paid me a little bit of money for it. That means the publisher must send a report to the Internal Revenue Service (IRS - the U.S. tax department) reporting...(read more)

Is MS08-067 Wormable?

Jesper's Blog — Tue, 04 Nov 2008 12:14:00 GMT

A couple of weeks ago Microsoft released an out-of-band security update in bulletin MS08-067 . Looking at the type of vulnerability and the fact that the issue was already being exploited in the wild at the time, this was a good decision. If you have...(read more)

Anatomy of a Hack 2008

Jesper's Blog — Fri, 22 Aug 2008 21:46:00 GMT

A few years ago I delivered a very popular presentation I called "Anatomy of a Hack." Well, actually, I called it "How to Get Your Network Hacked in 10 Easy Steps" but the marketing department at my previous employer thought that title...(read more)

Buy the original Olympic Torch from Beijing

Jesper's Blog — Sat, 09 Aug 2008 03:38:00 GMT

"Buy the original Olympic Torch from Beijing" That was one of the fake headlines in the latest "CNN.com Daily Top 10" malware spam I've been getting lately. This particular spam is a fake newsfeed which redirects you to one of...(read more)

Phishing for a Tax Refund

Jesper's Blog — Mon, 05 May 2008 04:30:00 GMT

What's wrong with this picture? If you answered "why would the IRS use a web server in Korea to ask for information about my tax refund" you are a winner! This is a phishing site preying on people who do not know that all you need to do...(read more)

Mitigate the Image Uploader Vulnerabilities

Jesper's Blog — Wed, 06 Feb 2008 19:07:00 GMT

The big security news this week is the six vulnerabilities found in various image uploader ActiveX controls. In case you haven't seen the news , there are exploits available publicly for remote vulnerabilities in five different ActiveX controls. US...(read more)

Using Autoplay on Vista To Stop Attacks

Jesper's Blog — Sun, 23 Dec 2007 18:41:00 GMT

The January issue of TechNet Magazine has an article I wrote about how to hack a system using autoplaying USB flash drives. While it is not possible to stop all attacks from USB tokens, Vista does include some interesting protective measures. However...(read more)

Is Firefox More Secure than Internet Explorer?

Jesper's Blog — Fri, 30 Nov 2007 20:28:00 GMT

Well, sure it is. According to the Firefox web site, which must of course be untainted by marketing claims since it is Mozilla, " Firefox continues to lead the way in online security". OK, marketing hyperbole aside, I'm a data guy. I care...(read more)

What They Teach Kids These Days

Jesper's Blog — Mon, 03 Sep 2007 20:18:00 GMT

Sweden has always been a little "cutting edge," if you know what I mean. Little did I know, however, just how cutting edge. This picture was snapped in a toy store in Stockholm last week: I probably stood there stunned for a good two minutes...(read more)