archives
April 2012

Could your next new car be hacked (should you be scared)?

The wave of new data technology making its way into the next generation of cars – ranging from vehicles which semi-autonomously drive themselves, to realtime data streaming onto head's up displays – begs the question: will they be safe from cyber shenanigans, or will you have to deploy security software on your next (probably hybrid)

Privacy and Security in the Consumer Cloud: The not so fine print

The consumer cloud expanded again this week with the addition of Google Drive to more familiar brands like Dropbox, Microsoft SkyDrive, Apple iCloud, and Amazon Cloud Drive. Unfortunately, most of these cloud-based file storage services come with privacy and security caveats, often involving language such as "You give us the right to access, retain, use

OS X Lamadai: Flashback isn't the only Mac malware threat

The Flashback trojan has been all over the news lately, but it is not the only Mac malware threat out there at the moment. A few weeks ago, we published a technical analysis of OSX/Lamadai.A, the Mac OS X payload of a multi-platform attack exploiting the Java vulnerability CVE-2011-3544 to infect its victims. OSX/Lamadai.A has

QR Codes and NFC Chips: Preview-and-authorize should be default

What do printed QR codes and NFC (Near Field Communication) chips have in common, besides storing instructions that computers can read? They are both hackable and their ability to store and communicate computer instructions is bound to be abused, if not already, then sometime soon. This happens to every new means of communication; QR and

DNS Changer (re)lived, new deadline: 9 July 2012!

As written in our “Password management for non-obvious accounts” blog post on February 22, the FBI confiscated the DNS Servers used by the DNS Changer malware and replaced them with different servers so that infected users would not be left without internet right away. Initially these replacement DNS Servers were to be taken offline on

How to recognize a PC support scam

Pointers on how to recognize PC support/coldcalling/ammyy.com/logmein.com scams before you hand over any cash.

Phishing Using HTML and Intranet Security Settings

Phishers always try to find new ways to bypass security features and trick ‘educated’ users. Over the years we have seen simplistic phishing attempts where the required information had to be typed into the e-mail body. This worked at that time because phishing was new and hardly anyone had a notion of the implications. Later,

CeCOS VI: The Counter eCrime Operations Summit

CeCOS, to be held in Prague between 25-27 April,will again look at operational issues and the development of communal resources for first responders and forensic professionals.

Fighting the OSX/Flashback Hydra

The biggest Mac botnet ever encountered, the OSX/Flashback botnet, is being hit hard. On April 12th, Apple released a third Java update since the Flashback malicious code outbreak. This update includes a new tool called MRT (Malware Removal Tool) which allows Apple to quickly push malware removal code to their user base. The first mission

Pinterest security update

We recently highlighted a security walkthrough on Pinterest.com, the pinboard style sharing website that’s taking the social media by storm. Since then, they’ve continued to grow, and continued to have accompanying growing pains common in organizations with rapid growth. Here we highlight ways they are adapting, changes they are making, and what it means to

Will of the WISP: Your company’s Written Information Security Program

Does your company have a written information security program? If not, you could be an easy target for cybercriminals AND end up on the wrong side of the law, regardless of where your company is located or what size it is. Which law? Something they passed about two years ago in the Commonwealth of Massachusetts,

Mac Flashback Trojan: If you use Java the time to patch your Mac is now

If you are a Mac user and you have Java installed on your Mac, then right now would be a good time to run Software Update… from the Apple menu to make sure you have installed the latest Java for Mac OS X update. Installing this update will help protect your Mac from a malicious

Exploit Kit plays with smart redirection (amended)

Aleksandr Matrosov notes a new exploit kit approach to hiding redirects using implicit iFrame injection. (NB Nuclear Pack, not Blackhole.)

Free Anti-virus: Worth Every Penny?

Why you really might prefer to pay for AV security. Free Fall or Free-for-All?

BYOD Infographic: For security it's not a pretty picture

The phenomenon of organizations allowing or encouraging their employees to use their own computing devices for work–known as Bring Your Own Device, or BYOD–is now widespread in many countries, bringing with it some serious risks to company networks and data. As we first reported here on the blog a few weeks ago, ESET commissioned a

VirusTotal, Useful Engines, and Useful AV

The paper by Julio Canto and myself on the use and misuse of multi-scanner malware-checking resources like VirusTotal is now available.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

1 article related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.