To round out our series of malware and cybercrime predictions here are some of my thoughts on what the next 12 months will bring. I expect more high profile arrests of cyber-criminals but no abatement in criminal activity that seeks to profit at the expense of data owners. Some of these arrests will occur in

We recently noted that the data broker industry, in conjunction with social media outlets will become increasingly relied upon as a kind of shadow credit score for judging candidates’ qualifications. Now we see a startup that uses your Facebook profile directly to determine a “credit score” used for microloans. We hear horror stories of lost

While I share the reluctance of my colleagues to predict the future, I think there are some trends that can be classified as “reasonably likely to occur” in 2012. I make no promises, but here’s what I think we will see, in no particular order of importance or certainty. We will see increased interest in

This article was written in collaboration with my colleague Jean-Ian Boutin. The Wigon botnet (also known as Cutwail) is being used in a massive spam campaign. A multitude of ruses are used to get the user to click on a link: fake LinkedIn or Facebook notifications, free Windows licenses, fake deliveries etc. The links are

In 2011 we saw an increase concern about, and scrutiny of, what exactly social networking sites do with the data you input, both internally as well as what gets shared with third parties. But in 2012 some of that scrutiny will shift to those third parties as more people ask: What are they doing with

More websites stored unencrypted credit card payment information than ever this year, according to a recent report. I thought we had this figured out? Obviously this is a direct violation of Payment Card Industry Data Security Standard (PCI DSS) requirements. But seriously, this stuff is simple for the developers to fix, so why don’t they?

An updated version of the paper “Ten Ways to Dodge CyberBullets”, addressing the question “what are the top 10 things that people can do to protect themselves against malicious activity?”

Java will consolidate its position as the successor to PDF and SWF in the favourite exploits stakes.

What kind of malware and cybercrime can we expect in 2012? How much of it can we expect and what should we do about it? So begins that special season, the one in which experts of every stripe are called upon to prognosticate about the coming year. In keeping with the spirit of this particular

In a scathing and far-reaching US Congressional report released recently the Transportation Security Administration (TSA) was characterized in these unflattering terms: “Since its inception, TSA has lost its focus on transportation security. Instead, it has grown into an enormous, inflexible and distracted bureaucracy, more concerned with human resource management and consolidating power, and acting reactively