archives
April 2010

Shadows, Skinless Cats And Fired Up Bulls

There have been recent reports that University of Toronto researchers have been observing the workings of a cyber-espionage botnet. This botnet, called the "Shadow Network", appears to be a network that targeted government, business and academic computers at the United Nations and the Embassy of Pakistan in the US, among others including the Office of

Insider Threat: Malware on your ATM

  Insider Threat – your ATM may now be hacked from the inside. According to Wired’s Threat Level Blog… A Bank of America worker installed malicious software on his employer’s ATMs that allowed him to make thousands of dollars in fraudulent withdrawals, all without leaving a transaction record, according to federal prosecutors. According to the

HR 4061: What Three Bucks buys you…

According to the CBO report quoted in this graphic, three dollars from every citizen of the United States each year for four years is what the final cost will be. We’re talking about the amped up Cybersecurity Enhancement Act of 2010 (HR 4061) currently passed by the House of Representatives. This can easily be confused

From Megatons to Megapings: Cyberwarfare

A bit of news this week dealt with Cyberwarfare. Far from becoming part of the tinfoil hat crowd, cyberwarfare has been growing in real world relevance in the past eighteen months and is the primary impetus for pending legislation. While in the Cold War, detente could be measured in the megatonnage of nuclear weapons, the

Polish Air Accident and Blackhat SEO

Thanks to Marcin Gajewski for pointing out that Lech Kaczynski was the President of Poland, not the Prime Minister. I really shouldn't try to blog after a full day's travelling :( While I was enjoying a rare few days off, my colleagues at ESET Latin America were posting a blog article about the ugly way in

Spam, Bad Guys, and the Russian FSB

Interesting news this week with some heavy anticrime work in Russia resulting in the arrests of the alleged RBS Worldbank cybercriminals. In related research I had to laugh out loud at this particular turn of phrase reported by the Financial Times; The Russian Federal Security Service (FSB)has detained suspects including Viktor Pleshchuk, an alleged mastermind

Congratulations Bruce Schneier

According to CRN, Schneier is the official rock star of the security industry. Security Superstars 2010: Visionaries

Senate Bill 773: What it means for Cyber Security and Cybercrime

Allow me to frame the threat of cybercrime that we all face by quoting from Jeff Debrosse’s 2009 Cybersecurity Review white paper: Cybercriminals are global and often well organized. They are smaller and more maneuverable than most corporations. Some are sheltered by certain G8 economic countries’ policies and laws. Their thefts fuel their home country’s

iAds Come to the iPhone

Enterprise Mobile Today http://www.enterprisemobiletoday.com/news/article.php/3875521/Apple-Unveils-Key-iPhone-Upgrade.htm ran a story about some upgrades to the iPhone. There are a number of features in iPhone OS version 4. The operating system being able to multitask, like Android and other smartphones do. Corporate administrators will be able to push out updates instead of users being required to use iTunes to

Conroy’s Folly

For about 18 months now, the Australian government has been planning to spend over A$40 million on a compulsory national Internet filter. This filter seems to have come about as a result of a few very conservative and naive people talking into the ear of Stephen Conroy, the Federal Minister for Broadband, Communications and Digital

Keeping Adobe Reader and Acrobat Safe

Yesterday we blogged about a problem in the design of PDFs that can lead to exploitation. http://www.eset.com/blog/2010/04/06/pdfs-exploitable-im-shocked The problem is that PDFs are now designed to be able to include executable attachments and to execute them. Foxit has released a fix for their software. If you use Foxit then you should make sure your version

What is Koobface?

This is really easy!!! Koobface is an anagram of Facebook!!! Now you know all you need to know about Koobface. Seriously, I can tell you that Koobface is a family of threats that spread through social networking sites, but how does that help you? There are other threats on social networking sites as well. The

New Documents

Just a quick note to draw your attention to a couple of new documents that have just become available. "AMTSOlutely fabulous" (sorry – it seemed like a good idea when I wrote it…) is a review of what the Anti-Malware Testing Standards Organization has achieved so far and what it might achieve in the future. It's

Koobface Update

 ESET Latin America has confirmed that the Koobface variants they're looking at download rogue security software and other trojans from active urls. They include: Win32/TrojanProxy.Small.NEB trojan Win32/PSW.Delf.NSE trojan Win32/Qhost.NTN trojan Win32/Agent.QWU trojan a variant of Win32/Koobface.NCI worm a variant of Win32/Koobface.NCP worm Win32/Adware.Antivirus2009.AA David Harley CISSP FBCS CITP Research Fellow & Director of Malware Intelligence

No Stone Left Unturned

We have discussed SEO poisoning extensively in the ESET Threat Blog, and it should come as no surprise to our readers that any topic which trends up quickly in search engine traffic will be exploited by the criminals who specialize in such activities.  The poisoned search term du jour is "erin andrews death threat".  Apparently,

Massive New Koobface Campaign

Our colleagues in ESET Latin-America have reported that a huge new malware distribution campaign is being carried out through the popular social network Facebook. In this instance, it is our old friend the Koobface worm that is being propagated. (For more about Koobface see Randy's post here, and for more about this particular iteration, see

12345 Oh My!

A short time ago I was watching someone I know type in a password to an important web site. I wasn’t looking to see what the password was, however I noticed it wasn’t long and it was all entered on the numeric keypad. This is someone who is not a security expert, but has heard

PDFs Exploitable?!? I’m shocked…

September 2009 saw some key security analysis raining directly onto the Adobe PDF platform, particularly with SANS pointing towards remote code execution within PDFs as one of the top threat vectors: Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability (CVE-2009-1862) Adobe Reader Remote Code Execution Vulnerability (CVE-2009-1493) Kudos to Adobe for patching these

So Apple really doesn’t have a security problem?

I see that Bill Ray of the Register has also picked up on the iPad jailbreaking issue I blogged on yesterday.  (No, I don't suppose he read it there.) Interestingly, though, he talks much less about the security implications than about the slow take-up of  newspaper subscriptions among early adopters. Andy Greenberg, on the other hand,

iPad jailbreaking meets Dr. Who and Inspector Gadget

[Update: it appears that the information I had earlier was incorrect or out-of-date, and there has been loss of life. There's also a report from TechHerald suggesting early exploitation of the incident for SEO poisoning leading to fake AV. However, a quick scan currently (Monday evening) shows news items from such known malefactors as the

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.