archives
May 2010

Malware Injection Campaign: A Retaliation?

This week there have been several major malware injection campaigns against WordPress blogs and other php-based content management systems. This malware injection battle began last week with Network Solutions and GoDaddy. Recently researcher Dancho Danchev has found evidence linking two US Treasury sites into the malware injection campaign: What's particularly interesting about this campaign is

Fake Adobe Updates

Adobe's Product Security Incident Response Team (PSIRT) reports  that malicious emails are circulating claiming to be Adobe security updates, many of them signed by "James Kitchin" of "Adobe Risk Management", or a similar (presumably mythical) team. Adobe says that the messages include links to download instructions for a security update that addresses "CVE-2010-0193 Denial of Service

Facebook: almost as popular as the Labour Party

[Update: according to Neil Rubenking, FB chat is now working again and it's no longer possible to view friend requests or chat activity for other users.] I've just blogged yet again about Facebook and privacy: I don't usually publish the same content on different blog sites, but this is a recurrent hot topic in the ThreatBlog,

Icelandic 419, Smoke, Ashes, and Mirrors

I've just blogged at a site that specializes in chainletter-related spam and scams about a 419-type spam  that masquerades as an email from the non-existent Frank Adam at the Civil Aviation Authority.,It's aimed at people whose air travel was disrupted by the Icelandic volcano, specifically those who found themselves stranded somewhere on mainland Europe. However, I thought

April ThreatSense Report

As you can see from this photo from the Infosecurity Europe show, my sessions down at the gym are really starting to pay off. :) As I mentioned previously, the update process on the monthly ThreatSense Report continues, and the April report is now available here. While the usual look at the top ten security

Facebook and privacy in the same sentence…

…but not in a good sense. Clearly there's a lot of confusion about the detail of Facebook's latest changes, as suggested by MSNBC at http://www.msnbc.msn.com/id/36877160/ns/technology_and_science-tech_and_gadgets/, though it's clear enough that they don't amount to a victory for common sense and user privacy. But what do you do about it? Well, here's a good start. Social Media

The Juror Scam

I recently received a summons for Jury duty. The date I was supposed to appear on coincides with a date I am scheduled to be out of the country. In Seattle they really put computers to good use. I was able to go online and reschedule the date of my jury duty. What caught my

AMTSO and EICAR

  Some of us are currently busily preparing for the AMTSO workshop in Helsinki on the 24th and 25th May 2010, just before the CARO workshop on 26th and 27th May (for which registration closes on 12th May). Before the Helsinki events, though, the EICAR conference in Paris includes some interesting testing-related material before and during the main conference.

Laughs: Redefining “Security Researcher”

Got a kick out of this Verizon Business Risk Intelligence post: “Problem-makers and Solution-makers should no more have the same label as terrorists and engineers. Sure, they both interact with explosives in their daily business but they put their skills to vastly different uses. Is there a reason we must continue to label people by

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2013 ESET, All Rights Reserved.