Author Topic: Everything that you wanted to know about Spyware ... but were afraid to ask.  (Read 10038 times)

0 Members and 1 Guest are viewing this topic.

Offline Eric the Red

  • ISO/IEC 27001:2013, CISMP, MRi
  • Administrator
  • Hero Member
  • *****
  • Posts: 1620
  • Would somebody please pass me a beer!
    • View Profile
The below link will take you to a briefing document on Spyware prepared by the National Infrastructure Security Co-ordination Centre, the UK Government CERT. This .pdf was released on 1st June and, whilst it is aimed at organisations, the information contained in it makes it worthwhile reading:

Technical Note Id. 00384, 01 June 2006, (TN04/06)
This Technical Note describes the principal characteristics of spyware: its typical technical capabilities and its means of introduction into computer systems. It presents advice on mitigation, using a generally applicable framework of Prevent, Detect, Contain, Eradicate, Recover, and Follow-up (PDCERF). The mitigation measures presented are not specific to individual instances of spyware, or in the main to spyware alone: rather, they describe good network security practice which mitigates the threat from malicious software generally. A final section considers the evolution of spyware capability.

The 23 page .pdf may be found here

"The time to start running is around about the "e" in "Hey, you!" "