Introduction It might not have escaped your notice that I write quite a lot about support scams, an issue in which most commentators in the security industry take only sporadic interest and tend to regard as of only niche interest. (As when a scammer is damaging their brand or product in some way, for instance
Is it time to revalue the role of anti-malware? Maybe, but uninformed or intentionally misleading mutterings about signatures are not where to start.
Smartphone authentication: is biometric technology ready to replace PINs and passwords?
Search Engine Optimization: it’s an essential component of internet marketing strategy, I guess, but one with a bad public image, especially in the wake of years of abuse of optimization techniques by purveyors of malware and other bad actors (Black Hat SEO, or BHSEO).
iOS and OS X the most vulnerable operating systems? Don’t confuse vulnerabilities with exploits, or patch frequency with insecurity.
While phishing-related malware is still mostly Windows targeting, attacks that rely purely on social engineering and fake web sites might be delivered by any platform, including smartphones and tablets. The more cautious you are, the better informed you are, and the more you think before you click, the more chance you have of leaving phishing craft stranded.
ESET conference papers from the 2014 Virus Bulletin and AVAR conferences are now available.
The media have associated a number of destructive hoaxes with 4chan: people need some historical perspective on how the site actually works.
Given the ‘nightmare’ that is password management, is Microsoft right to say that it’s sometimes OK to re-use the same memorable password on several sites?
The US is still perceived as a hotspot for card fraud: what difference will the ongoing roll-out of Chip & Signature EMV make?