archives
September 2009

9/11 – Nothing Is Sacred to Scammers

Here in the UK we’ve seen quite a lot of media attention (TV movies and documentaries and so on) relating to the 9/11 attacks, so I’m sure there’s a lot more happening in the US, today of all days. Sky News (http://news.sky.com/skynews/Home/World-News/September-11-Terror-Attacks-New-Video-Of-Plane-Crashing-Into-South-Tower-9-11-Memorial-And-Museum/Article/200909215379149) has published an article that includes a link to a video clip of the

Keep Those Third Party Apps Patched!

You may have seen some news today about a new vulnerability that can potentially affect Windows Vista. Microsoft will have a patch for the flaw, hopefully before it is exploited. Of course, Microsoft had a patch for the flaw that Conficker exploited, but too many people are not patching anything.  It’s a good idea to

Not all Mac users are naive about security

I’m often exasperated by blinkered mindsets in the Mac community, of the security-related kind that Randy highlighted in a recent blog. You might have picked up a certain irritation in some of my blogs around the end of last month relating to Snow Leopard and malware detection, too. So it was refreshing to come across a light

Another Twitter Security Problem

As reported at http://www.eweek.com/c/a/Security/Twitter-XSS-Vulnerability-Still-Wide-Open-Developer-Says-433005/, a researcher has found a cross site scripting vulnerability that affects Twitter. The researcher claims that by exploiting this he could gain access to the Twitter accounts of anyone who views his specially crafted tweets. The explanation of the problem is a bit techie, but there is a very key point

Fan Check Checks In Again?

 PC World has reported that Janakan Arulkumarasan, the creator of Fan Check says it’s non-viral, safe and legitimate, in an interview with IDG News Service.  The article quotes him as saying: "FanCheck is NOT a malicious app. Unfortunately, some malicious developers have been spreading a lie that it is — and encouraging people to download fake

SMB2 0-Day update

Microsoft’s advisory on the SMB driver issue is now available. As expected, it includes some comments on mitigation, but they’re rather fluffy. It advocates "Firewall best practices and standard default firewall configurations", which "can help protect networks from attacks that originate outside the enterprise perimeter,"  and suggests exposing a "minimal number of ports". Well, duh… I’d expect any firewall

SMB2 zero-day

Some traffic has crossed my radar concerning a 0-day exploit that apparently enables a remote attacker to crash a Vista or Windows 7 system with SMB enabled (and according to subsequent reports, Server 2008). The original post and exploit are claimed to demonstrate the possibility of a Blue Screen Of Death (BSOD) and (normally) an automatic reboot when

Is Apple’s Snow Leopard Immune to Malware?

There is an interesting and humorous work of fiction at http://www.appleinsider.com/articles/09/09/07/inside_mac_os_x_snow_leopard_malware_protection.html. Humorous as long as you don’t believe it! The article starts out saying “Safari, like other modern browsers, already flags certain websites that are known to be used to distribute malicious software”. That’s a nice layer of defense, but there are sites many sites

Armor for Social Butterflies

I was speaking with our friend David Perry at Trend Micro about the insecurity of social networking services and what steps users could take to strengthen their security online. In the course of our conversation, we came up with a list of simple steps you could take to better protect yourselves. Be careful about whom you

Pack up your troubles….

Somewhere back in the Dark Ages, I wrote some articles for Computer Weekly in the UK, as part of a series of articles called Security Zone. This is a regular series where the contributors are all members of (ISC)2, the International Information Systems Security Certification Consortium*. Some of those articles are accessible from the Computer

Fan Check: Fretting about Facebook

Update: Lysa Myers, of West Coast Labs, has confirmed that she knows of a number of people who’ve used the application and didn’t see anything fishy happening. It did offer to send emails outside Facebook but didn’t insist on it, so it’s hard to see where the messages from unapproved contacts are coming from. I’ll

(Win32/)Induc-tive Reasoning

I was passed a query from a journalist in the UK about Win32/Induc.A, the Delphi infector both Randy and I have blogged about previously, asking whether ESET has figures supporting my contention that this "harmless" malware actually has the potential to cause significant damage, as he had seen no reports of "even minor disruption." While

Fake Antimalware – Old Dogs, New Tricks

(1) Websense, our neighbour in San Diego, has reported a fake anti-malware scam centred on Labor Day social engineering. The scam uses malicious SEO (Search Engine Optimization) techniques, sometimes referred to as index hijacking or SEO poisoning, to misdirect potential victims. When the victim uses Google to search for Labor Day sales (apparently these are very

Septic Thumb Drive

The Register has reported that it cost Ealing Council, in London (UK) some £500,000 in lost revenue and repairs after a "virus infection" in May. According to El Reg’s John Leyden, the virus in question was Conficker-D, though because of differences in Conficker variant naming, it’s difficult to say exactly which variant that would refer to.

More Infections = A Lot More Malware

 To get a better understanding of infection trends over the last few months, the ESET research team has analyzed data compiled by our online scanner. This tool is available freely from ESET’s website at http://www.esetonlinescan.com and can be accessed by anyone to scan their system without having to install our product. Data from our online

Mac Malware (again)

An interesting comment was made to my last blog on Snow Leopard, Mac malware and all that. I’ve approved the comment, but since people who read the blog earlier won’t necessarily go back to see what comments it’s attracted, I’ll answer it here, at more length. Mac User said that "Currently, the only way to get

AMTSO – the Next Generation

I’ve just returned from Canterbury in the UK. One of the reasons I was there was to present a paper on malware naming at CFET 2009 (3rd International Conference on Cybercrime Forensics Education & Training). It was an excellent conference, and I’ll have more to say about that later (and the paper will be available shortly

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.