Download as PDF
Blog Article
It's relatively common for incident response teams, in scanning the web for information about threats to their constituencies, to come across dumps of usernames and passwords. Even if the team can work out which service these refer to [*], it's seldom clear whether they are the result of current phishing campaigns, information left over from years ago, or even fake details published by intruders who want to inflate their claims.
Blog Article
"Is scanning lawful?" sounds as if it ought to be a straightforward question with a simple answer. However investigating it turns out to be a good illustration of how tricky it is to apply real-world analogies to the Internet, and the very different results that different countries' legislators (and courts) can come up with when they try.
Blog Article
The EU has finally adopted a new Directive on attacks against information systems, first proposed in 2010. The Directive will require Member States, within two years, to ensure they meet its requirements on
Blog Article
Malicious software, generally shortened to malware, is involved in a wide variety of security incidents, from botnets and phishing to industrial sabotage. Analysing what malware does and how it can be detected, neutralised and removed from infected computers is an important part of keeping networks and computers secure.
Blog Article
The European Commission seems to be revisiting ground covered by the UK’s 2006 amendment to the Computer Misuse Act, attempting to criminalise certain acts relating to devices/tools used for committing offences against information systems. The problem is that many computer programs – for example for identifying vulnerable computers, monitoring wireless networks or testing password strength – can be at least as valuable to those trying to secure networks and computers as to those trying to compromise them.
Prev | Next