During a recent illness I was doing some research into rendition and the Fourth Amendment evidentiary issues which may come up more often with an increased focus on prosecution of offshore cybercriminals. The challenge: how to recover both digital evidence for Stateside trial and the actual [foreign] cybercriminal with a less than cooperative home country.
At least it’s easier to understand than the prompt from Facebook asking me to accept and open my connections which I saw a few weeks back. To manage your privacy on Facebook, you will need to navigate through 50 settings with more than 170 options. I’m starting to seriously consider switching to the next best
David Harley sent me a link to an article about a scam I wasn’t familiar with. I wouldn’t really call it a scam; it is more a diversionary and blocking tactic after a victim’s account has been compromised, but it may be an indicator of an attack. According to Wired (http://www.wired.com/threatlevel/2010/05/telephony-dos), what happens is that
Our colleagues in ESET Latin America have just blogged about an interesting botnet creation tool: the original blog is at http://blogs.eset-la.com/laboratorio/2010/05/14/botnet-a-traves-twitter/, by Jorge Mieres and Sebastián Bortnik, Security Analysts. (Mistakes in interpretation are, as usual, down to me!) In the last years we have seen many security incidents driven by botnets and exploiting the technologies
I was dismayed at a recent article on a web site that calls itself the Airline News Resource. A young student, Mr. Toms Purgailis, from Latvia wrote an article about the future of IFE (In Flight Entertainment) in which he advocates the passengers on the airplanes using iPads and laptops and just sharing their movie
While I was at the EICAR conference earlier this week, I also co-presented (along with Pierre-Marc Bureau and Andrew Lee) a paper on “Security, Perception and Worms in the Apple”… so along with the new paper, I’ve made available again the paper on Macs and malware that I presented at Virus Bulletin in 1997.
The methodology and categories used in performance testing of anti-malware products and their impact on the computer remains a contentious area. While there’s plenty of information, some of it actually useful, on detection testing, there is very little on performance testing. Yet, while the issues are different, sound performance testing is at least as challenging, in its own way, as detection testing. Performance testing based on assumptions that ‘one size [or methodology] fits all’, or that reflects an incomplete understanding of the technicalities of performance evaluation, can be as misleading as a badly-implemented detection test.
While the jury’s still out about whether the intent of the past month’s mass webserver breaches is fully criminal, Dancho reports new developments which also link Koobface activity into this command and control structure:
Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S Treasury/GoDaddy/NetworkSolutions mass compromise campaigns.
In response to David Harley’s Blog about the much overhyped “Khobe” attack, RJ asked the following question: If someone were to download software they thought was genuine (freeware of some sort) and it had this code embedded into it, could the system be compromised? For Example, I download a free PDF convertor that I think
While I've been at the iAWACS and EICAR conferences with somewhat erratic connectivity, it seems that Matousec have discovered The End of Antivirus As We Know It. Actually, a lot of people have been doing that this week, but that's a topic for a later blog. Fortunately, while I was trying to get a connection