Sometimes you just have to accept defeat. Such was the case for a friend of mine who recently spent a great deal of time pondering how a corporate rival always seemed to be a step ahead, knowing things he shouldn't have known and one-upping him at almost every turn. This friend asked me to drop by and scan his PC, and guess what I found........
Sometimes you just have to accept defeat. Such was the case for a friend of mine who recently spent a great deal of time pondering how a corporate rival always seemed to be a step ahead, knowing things he shouldn't have known and one-upping him at almost every turn. This friend asked me to drop by and scan his PC, and guess what I found........A KEYLOGGER!
I know what you're thinking, why didn't a simple virus or spyware scan detect the keylogger? Before answering that question, it helps to understand why some keyloggers are so difficult to detect. Some software based keyloggers are easy to discover. Someone with some Win32 skill could easily tap into several functions exposed in various Windows API's to record keystoke events. Problem here is that you typically need to poll each key at a relatively fast frequency for this technique to work. Multiply an aggresive polling interval by all of the keys on a typical 101 button keyboard, and you're going to see a noticable CPU hit, which is probably enough to tip off the victim pretty quickly.
Other spyware based keyloggers do the job a tad more intelligently by hooking into the OS and subscribing to keyboard events more passively, but other keyloggers, such as the infamous WebWatcher keylogger, run at the kernel level. WebWatcher is particularly nefarious because its hides its payload so well. No detectable registry keys, running processes or services. Some spyware tools pick up on WebWatcher, but they might call it something else and definitely won't be able to remove it (if you know of one that does please let me know which one).
In the case of my friend, the keylogger wasn't software based at all, it was actually an inline hardware keylogger dongol, and I found it accident while popping a thumb drive into the back of his PC. There's no defense to my knowledge from a hardware keylogger, a favorite tool among law enforcement and a great tool for forensics. You can buy them anywhere online, just google "hardware keylogger". The indexing and searching capabilities built into some of these buggers are impressive to say the least, and with storage support ranging from several MB to several GB's, theses devices can compile a ton of data that can be discovered and used against you pretty quickly.
The moral of the story....if your enemy plants one of these suckers on you, you're toast. Say sayanora (goodbye), arrivaderci (goodbye), adios (you know).
The Agile ArchiveWhen it comes to managing data, donít look at backup and archiving systems as burdens and cost centers. A well-designed archive can enhance data protection and restores, ease search and e-discovery efforts, and save money by intelligently moving data from expensive primary storage systems.
2014 Analytics, BI, and Information Management SurveyITís tried for years to simplify data analytics and business intelligence efforts. Have visual analysis tools and Hadoop and NoSQL databases helped? Respondents to our 2014 InformationWeek Analytics, Business Intelligence, and Information Management Survey have a mixed outlook.
InformationWeek Tech Digest August 03, 2015The networking industry agrees that software-defined networking is the way of the future. So where are all the deployments? We take a look at where SDN is being deployed and what's getting in the way of deployments.