One O’Clock Rock

Here’s a couple of fun security scare stories and a heartning bit of rugby news for you. Firstly, rootkit authors are getting more clever:

“So now we have developers of rootkit detectors adding detection of latest rootkits to their scanning engines - and developers of rootkits adding detection of latest detectors to their scanning engines.”

A rootkit is a bit of software that is used to invisibly control your computer after it has been subborned by an attacker.

And even worse news for users with phishing scam artists getting more clever as well:

“Every piece is now in place for the perfect phish. The phishers recently tried out SSL attacks in anger so they have all that cert and SSL code in place, they are now doing MITMs so they have the real-time backend work in place (this is just multi-tiered or webservice work, recall) and we’ve had easy-to-obtain popup-tax certs for about 2-3 years now (even works with a stolen credit card…).”

Note, the SecurID token type approach taken by LloydsTSB in the UK this week won’t protect you from a Man In The Middle Attack.

At least Sarries are getting back to winning ways, here’s our forthright but lovable Director of Rugby Steve Dimond in the indie

“One of the priorities has been to hammer out the excuse mentality,” he explained, “and you do that by ensuring that the coaching staff play by the same rules and don’t make excuses when they get it wrong. I’m happy to accept that I dropped a bollock at the start of the season by pushing the team too far, too fast in terms of moving the ball and playing all-out attacking rugby. We scored tries, but we leaked more. Now, we’ve cut out the extravagance and gone back to a much more basic style of play driven by our strong set-pieces. But we’ve done it in the knowledge that when put some results together, we can slowly reincorporate the expansive stuff.