July 21, 2013 | Mark Russinovich
I’m thrilled to announce that I’ve sold the movie options for the Jeff Aiken series (Zero Day, Trojan Horse, and the forthcoming Rogue Code)! The buyer has produced several major films and believes in the importance and timeliness of the subject matter. Work on the first movie is starting immediately with the writing of a screenplay and I’ve been signed on as a technical consultant to ensure that the movie is technically accurate. I’ll share more information here as the movie develops.
June 16, 2013 | Mark Russinovich
You’re probably the IT help desk for your family and friends, and might even have an IT role at your company. Malware is a fact of life, and learning how to identify it, neutralize it and clean it off infected systems can save the time and money of reimaging systems, reinstalling software and restoring data. Even if you decide to reimage a system, having some understanding of malware’s operation can give you confidence that it hasn’t spread to other systems in your network.
In this top-rated session from Microsoft’s TechEd US conference last week, I teach how to use my Sysinternals tools, including Process Explorer, Autoruns and Process Monitor, as well as some tips and techniques targeted at malware, to analyze and eradicate today’s common strains. You’ll see me use the tools to identify and remove ransomware, fake security software, and even look under the hood at Flame, the cyberweapon that was found last year in Iran and believed to be part of the Stuxnet program of cyberwarfare. With what you learn, you’ll be on the way to becoming a malware cleaning hero.
May 27, 2013 | Mark Russinovich
Government Technology has published a nice profile of me and my fiction, discussing how Zero Day and Trojan Horse both reflect the reality of the cybersecurity landscape. It includes excerpts from an interview I did for them that explain what motivated me to try my hand at fiction and my experience with the writing process. Check it out:
February 13, 2013 | Mark Russinovich
President Obama highlighted the need for cybersecurity in his 2013 State of the Union Address:
America must also face the rapidly growing threat from cyber attacks.
Now, we know hackers steal people’s identities and infiltrate private e-mails. We know foreign countries and companies swipe our corporate secrets. Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems.
We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy. That’s why, earlier today, I signed a new executive order that will strengthen our cyber defenses by increasing information-sharing and developing standards to protect our national security, our jobs, and our privacy.
But now — now Congress must act, as well, by passing legislation to give our government a greater capacity to secure our networks and deter attacks. This is something we should be able to get done on a bipartisan basis.
The same day, he issued an executive order aimed at information sharing with private industry to improve the cybersecurity of our national critical infrastructure systems.
February 13, 2013 | Mark Russinovich
Check out how I came up with the titles to my novels and my view on cloud security in this From End to Edge interview with Yuri Diogenes and Tom Shinder:
January 30, 2013 | Mark Russinovich
In a story that reads like it came straight out of Trojan Horse, the NY Times announced today that it has been infiltrated by Chinese hackers in a campaign that ran over the last several months since the Times readied a story on the corruption of a Chinese official:
Hackers in China Attacked The Times for Last 4 Months
December 22, 2012 | Mark Russinovich
I’m excited to announce that I’m delivering two sessions at the prestigious RSA Conference on cybersecurity, which takes place in San Francisco from February 25 to March 1. One is Malware Hunting with the Sysinternals Tools, where I teach you how to use several of my popular Sysinternals utilities, including Process Explorer, Process Monitor and Autoruns, to diagnose and clean malware infections. The theme of my second talk, Trojan Horse: The Widespread Use of International Cyber-Espionage as a Weapon, is obviously aligned with that of my novel Trojan Horse.
Here are the session abstracts and times, and below them a link to the conference’s full session list.
HTA-R32 – Malware Hunting with the Sysinternals Tools
Thursday, February 28 09:20 AM – 10:20 AM
This session will provide an overview of several Sysinternals tools, including Process Monitor, Process Explorer and Autoruns, focusing on features useful for malware analysis and removal. We will demonstrate malware-hunting capabilities by presenting several real-world cases that used the tools to identify and clean malware, and conclude by performing a live analysis of current malware samples.
EXP-R35 – Trojan Horse: The Widespread Use of International Cyber-Espionage as a Weapon
Thursday, February 28 01:00 PM – 2:00 PM
Learn how governments, including the U.S., Russia, China and Iran, use cyberspace as a theater of cyber warfare and espionage. Understand the trends and where escalation may lead.
RSA Conference full session list.
November 18, 2012 | Mark Russinovich
I’m pleased to announce the winners of the Operation Desolation Cybersecurity Quiz book giveaway. The competition was strong, with over 700 submissions and many perfect scores. The five winners drawn randomly from the top-scorers are:
- Jason Stangroome
- Lee Pillay
- Kevin Brice
- Steven Alexander
- Sajen Jose
Even if you didn’t take the quiz in time to enter the contest, the quiz is still available for you to test your cybersecurity knowledge.
November 17, 2012 | Mark Russinovich
I’m pleased to announce that Trojan Horse is now available for purchase in audio format from Audible.com, and it includes an exclusive 20-minute chat between me and famed former-hacker and author Kevin Mitnick talking about cybersecurity.
October 24, 2012 | Mark Russinovich
On August 15 at exactly 11:08, a virus that had infected 30,000 computers of Saudi oil company Saudi Aramco woke up and deleted all the documents accessible to it, replacing the files with an image of a burning US flag. Sound familiar? If you read Zero Day, then it should, since the premise of Zero Day is a very similar attack, except directly against the US. The New York Times published an article today that reveals more information about the attack, including the official US theory that Iran was behind it. The incident highlights just how realistic a Zero Day-type attack is and how at risk we are to one:
NY Times: In Cyberattack on Saudi Firm, U.S. Sees Iran Firing Back