Kim Zetter’s article for Wired tells us that “SCADA System’s Hard-Coded Password Circulated Online for Years” – see the article at http://www.wired.com/threatlevel/2010/07/siemens-scada/#ixzz0uFbTTpM0 for a classic description of how a password can have little or no value as a security measure. Zetter quotes Lenny Zeltser of SANS as saying that ““…anti-virus tools’ ability to detect generic versions of
Our colleagues in Bratislava have issued a press release which focuses on the clustering of reports from the US and Iran, and also quotes Randy Abrams, whose follow-up blog also discusses the SCADA-related malware issue at length. The Internet Storm Center has, unusually, raised its Infocon level to yellow in order to raise awareness of
…But that doesn’t mean that this particular attack is going to vanish any time soon, AV detection notwithstanding. Now that particular vulnerability is known, it’s certainly going to be exploited by other parties, at least until Microsoft produce an effective fix for it, and it will affect some end users long after that…
You may have noticed that the blog has undergone some changes. While some may think that all the extra mugshots of yours truly are a bit over the top, I hope you approve of the somewhat livelier presentation. My thanks to everyone who worked on it. David Harley CITP FBCS CISSP ESET Senior Research Fellow
As I mentioned here yesterday, I launched a new AMTSO in the Media page on the AMTSO blog page yesterday. Since then, Pedro Bustamente has kindly sent me a whole bunch of links relating to events leading up to the launch of AMTSO in 2008, so I’ve created a separate sub-page incorporating those links out
…that this blog is not the place to ask for help with product installation and maintenance (even our products). Please contact your supplier or check the Support and Contact pages on the main ESET web site (http://www.eset.com): we simply aren't generally the best people to give you product advice. And while we appreciate appreciative comments,
Who would have thought that an initiative aimed at increasing the accuracy and relevance of anti-malware testing would be quite so controversial? Well, it was to be expected that AMTSO (the Anti-Malware Testing Standards Organization) would generate a certain amount of controversy: clearly, the organization is not going to get everything right first time. And
No-one believes that AMTSO has all the answers and can “fix” testing all by itself, but it has compiled and generated resources that have made good testing practice far more practicable and understandable. The way for testers (and others) to improve those resources is by talking to and working with AMTSO in a spirit of co-operation: the need for transparency is not going to go away.
…Somewhere in this welter of misinformation, well-meant but muddled thinking, and black propaganda, there are some issues that need clarifying… Watch this space for further information. And while you’re waiting, you might want to check the documentation and other resources at the AMTSO web site to see what the organization really proposes and what it is really trying to achieve…
Further to my last blog here, it seems that I've been missing some serious fake AV telephone scam action. Some links provided by my good friend Steve B. Nice one, Steve. :) ALERT: metsupport.com – yet another telephone based fraud (aka SupportOnClick revisited – again) http://hphosts.blogspot.com/2010/06/alert-metsupportcom-yet-another.html techonsupport.com, click4rescue.com, pcrescueworld.com: SupportOnClick revisited http://hphosts.blogspot.com/2009/12/techonsupportcom-click4rescuecom.html SupportOnClick: Phoned by
The individual concerned had received a phone call from someone claiming to be from Microsoft, and informing him that notification had been received concerning a virus infection on his PC, and offering to help him to install antivirus software. When asked what antivirus software was being offered, the caller claimed that it was ESET’s.
Regrettably, pretty much anything could happen to your credit card while it’s out of your sight. However, the “ATM Card Skimming and PIN capturing Awareness Guide”, while it can’t cover every possible permutation of illicit additives to your friendly local ATM, does at least offer some guidance as to what to look for.
Further to my "top ten of top tens" post, I was encouraged by some queries to revisit the “Top Ten Mistakes Made When Evaluating Anti-Malware Software” list quoted by Kevin Townsend here. As it was an AMTSO issue and most of the queries have related to an AMTSO blog post, I've returned to it (and
Here's another post from our colleagues in Spain (http://www.eset.es): mistakes in interpretation are down to me (David Harley). We have frequently talked about and shown examples of threats that take advantage of Black-Hat SEO (Search Engine Optimization). This technique (BHSEO) is used by malware authors to position the malicious links in the top results when a potential