archives
June 2009

Blackberry Sundae

Having worked quite a lot in recent years in the public sector in the UK, I’m not at all surprised that RIM (Research in Motion) is bullish about being assessed by CESG as suitable for use with restricted government data. However, it’s not altogether clear from the documentation published by RIM what this actually means.

Popularity and Spurious Statistics

I’ve just been observing a slightly bizarre email thread about the whatdoestheinternetthink?net site, which is apparently aiming to be the place to go if you want a global enquiry tool to find out what the online world thinks about any given subject. You enter a search term, it submits to one or more search engines, and it

Password Mythology

I recently read an article about Facebook security problems at http://www.securitymattersmag.com/security-matters-magazine-article-detail.php?id=411 in which some advice on passwords was given.   Some of the advice was quite good, but some was a bit shaky. I’ll go through the tips and tell you what’s hot and what’s not! Use a combination of uppercase and lowercase letters, symbols,

Watch Out for “Michael Jackson” Hoaxes

The news broke a short time ago that pop star Michael Jackson died of a heart attack. It is all too predictable that the bad guys will use this news event to spam out fake videos or links to alleged pictures in order to trick users into installing their malicious software. If you receive an

Sex and the e-City

It’s often claimed that men think about sex very seven seconds. Sorry, where was I? Oh yes… I’m not sure where that pseudo-statistic comes from: apparently not from the Kinsey report as is often claimed, and a more recent poll, while reflecting perhaps more liberated views about sexuality than could be admitted to in the

The Faces of Cybercrime

I was recently reminded of the truism that security is about managing risk. You cannot eliminate all risk. When we think of cyber criminals we tend to think of phishers, criminal gangs writing malware to steal passwords, and eBay scammers. So we try to deal with “reputable” companies to eliminate the risk of theft and

Microsoft Beta Than ESET?

I really didn’t think that Microsoft’s beta AV product would necessitate three blogs: it is, after all, just a beta release. However, I was surprised just now to read an article by Mark Mayne of SC Magazine that claims the product is “going head-to-head with a range of AV vendors, from Symantec and McAfee through

Microsoft AV Revisited

Alex makes a couple of interesting points in his comment on Randy’s blog yesterday about Microsoft’s "Security Essentials" antivirus (as does Randy, of course, but there’s no surprise there.) Alex is suggesting, I think, that Security Essentials isn’t so much a freebie as a value-add to something you’ve already paid for (i.e. Windows). That’s a pretty interesting,

Microsoft Security Essentials?

Microsoft is releasing a beta of their new antivirus product. Previously Microsoft announced that they would discontinue OneCare. The choice of the name “Security Essentials” is amusing. I’m not in the camp of those who think that you can’t have “Microsoft” and “security” in the same sentence, but just the same, Microsoft does say “If

Go Phishing with the city of Bozeman, Montana

The City of Bozeman, Montana effectively joined the ranks of phishers when they asked job candidates for their usernames and passwords for social networking sites that the applicant belongs to. In a report at , after considerable outcry the city rescinded its mindless policy. To begin with, the city was asking applicants to breach their

Mugs and Muggings, Scams and Facebook

The estimable Gadi Evron has posted an article at DarkReading about a dialogue he was caught up in on Facebook. One of his contacts popped up in a Facebook Chat window and told him how she’d been been held at gunpoint and robbed in London, losing her credit card, cash and mobile phone. Well, having

Blog Spam? No Comment….

I’d like to say thanks to Sean, who commented on my first blog on Orbasoft blog spam (don’t miss the later blog!) as follows: "These people are still not telling the truth. This software has been tested several times in the last few days and has been verified as a Rogue. It is on average detecting

Orbasoft Comment Spam Revisited

Many thanks to Jens in Denmark, who commented on my previous blog about Orbasoft comment spam. Jens says: “Orbasoft is a real company, situated in Denmark. But they hired an Indian company to spam blogs with comments on their products (“search engine optimization”)…[they] wrote 300 positive comments – for the price of $900. ” Well,

Nine Ball: Juggling with VirusTotal

There’s been some media interest in an alert from WebSense about something they call Nine Ball (he, said, trying to keep his sense of humour in check). It has some pretty interesting characteristics. I’d like to pick up, though, one point that the reports I’ve seen have rather overstated. WebSense mentioned that vendor detection is low on

Orbasoft Comment Spam

Comment spam is one of those nuisances that career bloggers see a lot of: at least, we would if we didn’t use filters to control most of it before it gets to us. In general, these either overtly advertize something which has nothing whatsoever to do with the blog topic, or say something that add

Cloud Computing and the Psychology of Security

OK. No dubious metaphors about clouds and stormy weather. Maybe. We all know, because we’ve been told so many times, that cloud computing, whatever that is, is going to be the salvation of not only the anti-malware industry, but the rest of the software industry. NIST (National Institute of Standards and Technology, whose Computer Security Division

Facebook: Computeracy by Degrees

When I first went to university at the end of the 1960s (yes, I really am that old, though not quite old enough to be of that generation that only remembers that decade through a haze of psychedelic phenomena), my choice of social sciences was regarded as somewhat fluffy. It was the age of "the

Data Protection: not a priority?

Data protection in the UK and Europe may mean something a little different to the way most Americans would understand it. The UK’s Data Protection Act is, like other local legislation in EC countries enacting the EU directive Data Protection Directive 95/46/EC, concerned less with the security mechanisms you use (or don’t use) to protect your

T-Mobile Data Breach – Or Not…

Just last Saturday, June 6th; there was a new posting on the Full Disclosure mailing list from a source that calls themselves pwnmobile (at least that’s part of their email address). In the post, pwnmobile claims they have harvested information from T-Mobile USA’s servers. The data they claim to have acquired is: various databases confidential

Bank Scammers: No Respecters of Age

There are some civilizations that revere their elders for their wisdom. Unfortunately, I don’t live in one of them.  In others, old people are quietly abandoned on icefloes or the sides of mountains when they start to take more from the community than they contribute towards it. I guess I’m reaching the age where I should

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
29 Jun 2009
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.