archives
May 2009

Security Education

Here are one or two resources some of you might find useful and interesting. Infragard and the Center for Information Security Awareness have a Security Awareness in the Workplace program that looks worth a closer look. It consists of 14 separate lessons addressing key information security issues "that can impact in the workplace". The free lessons

NHS: healthcare security and national insecurity

I really ought to be concentrating on some writing deadlines, but I couldn’t ignore this item, flagged by Graham Cluley, Sophos blogger-in-residence and karaoke star. (I have to say that because I was rather rude about his singing at Infosec last month.) Graham and I both live in the UK, so the state of health

Twitter: it’s all about me

I’ve mentioned this before, but I’m still getting quite a lot of requests  to "follow" me on Twitter on an account that’s "protected". So I’m going to explain in a little more detail how this works. Or at least how it works for me… At the beginning of the year, it was suggested that it

CARO and AMTSO

In previous blogs, I mentioned that some of the presentations from the CARO workshop a couple of weeks ago were likely to be made available publicly. Unfortunately for non-attendees, most of the presentations are only available to people who were there: however, some can be downloaded by the public from here. In case I didn’t

Comparative Testing and Swimming the Channel

Greetings, friends, fans and foes. I know it’s been a while, but I’ve been travelling, with intermittent connectivity: first the Infosecurity expo in London, then the CARO and AMTSO workshops in Budapest, then the EICAR conference in Berlin. This week I’ve been at the Channel Expo in Birmingham (the one in the UK, that is)

Securing Our eCity

San Diego is a great place to live in and visit. I grew up in San Diego and didn’t realize how good I had it until I moved to San Bernardino when I was 15.  What does this have to do with security? If you need an excuse for a trip to San Diego (or

CyberSecurity Resources

At the Interop show in Las Vegas I promised some people I would put the list of resources we included in out presentation on the ESET blog. These are great resources for education and cybercrime reporting. The first one is a new initiative form ESET. I’ll blog more extensively about Securing Our eCity tomorrow! • Securing

Smaller Conferences are the Best

In the security community, the beginning of the summer is the time of the year when most conferences are held.  In the last couple of days, there has been the CARO workshop, the AMTSO meeting and the EICAR conference.  Numerous ESET employees have attended each of these gatherings.  In my opinion, the best event so

EICAR Papers

After my last blog, I was asked what other EICAR papers would be of interest to people in the testing industry. In fact, quite a few of this year’s papers were focused on anti-malware testing and/or detection, and the abstracts for the industry papers are available here, and that may give you a start on

I Like EICAR

Yes, I’ve used that pun before, but I can’t resist using it again now that I’m back from the EICAR conference. I actually got back a couple of days ago, but I was sidetracked by some urgent administrivia and dental treatment. I’m having bacon and eggs for breakfast, my first pet’s name was Stuart Little

Let’s meet at Interop!

If any of you out there who read this blog are going to be at Interop in Las Vegas next week, I’d love to meet you. I’ll be spending a lot of time at the ESET booth. I’d love to hear your ideas about the types of things you most like to see in the

Update updates

So Patch Tuesday has been and gone, and many of you will already have updated automatically. If you haven’t, do. there seems to be a curious complacency in some quarters about Powerpoint clientside exploits and targeted attacks, but a lot of dross gets passed around as slide-decks. For example, many an old hoax has been given

Antivirus Doesn’t Work

  Yesterday at the EICAR conference in Berlin <http://www.eicar.com> Dr. Fred Cohen was the keynote speaker. For any of you who do not know of Dr. Cohen, he is credited with coining the term virus to describe a self-replication program. Dr. Cohen also is credited with writing the first computer virus. The virus was written

AMTSO marches on

So the CARO workshop came and went (and very good it was too): unfortunately, because of the nature of the event, I can’t tell you too much about it. However, at least some of the presentations are expected to be made available soon, and we’ll pass on that information when we have it. After a

Competing and Cooperating (Don’t Attack the Customer)

In the security industry there is fierce competition. At least in the anti-malware segment there is also tremendous cooperation. I am writing from the 3rd annual CARO workshop where researchers from several anti-malware companies are sharing important information with their competitors. Quite a while back there both PCTools and ESET had false positives on each

Vulnerability Musings and Reflexive Thinking

Some of us are currently enjoying some excellent presentations at a CARO workshop in Budapest on exploits and vulnerabilities. Hopefully, some of them will eventually be made public, so that we’ll be able to include pointers to specific resources. While there’s been a great deal of technical detail made available that has passed me by

Honesty is not The Best Policy for Password Resets

In light of yet another Twitter hack involving a Yahoo email password reset attack, you might think twice about the answers you provide for password reset questions. Common password reset questions include the following: What is your mother’s maiden name? Where were you born? What high school did you graduate from? All of these and

PDFs Carry Swine Flu

OK, PDFs don’t actually carry the swine flu, but PDFs are used to make your computer sick. The bad guys know that many people will open anything, regardless of where it came from, if it has bad news in it. There have been a couple of vulnerabilities found in Adobe Acrobat recently. One of the

The April Threat Report

As we do each month, ESET has released its monthly threat report. As you might expect, there were a lot of Conficker detections out there. There were also almost as many detections for autorun threats that are not Conficker. In other words, if you have disabled autorun, then you protect against a lot more than

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.