Phish, Phowl, and Passwords I spend a lot of time defending educational as opposed to purely technical solutions to security. Not that I don’t believe in the usefulness of technical solutions: that is, after all, ESET’s basic business. However, there are many people in the security business who believe that education is a waste of
The threat of the Dorifel/Quervar malware spreading in the Netherlands is being used by telephone scammers to trick local PC users into paying for ‘protection’.
Jonathan Brossard describes an ‘undetectable, unremovable’ attack on firmware through gimmicked hardware or a subsequent malware attack. David Harley isn’t convinced.
If a service leaks your credentials, your options are limited, but changing all your passwords to something harder to guess/break is never a bad idea.
First the panic, then the accusations of hype. Can we really estimate the impact of DNSchanger yet?
David Harley describes a support scam that uses a slightly different twist, misrepresenting the output from Windows Task Manager.
I was interviewed yesterday by Fred Donovan, following up on the paper on AMTSO I presented at EICAR earlier this month. I may be prejudiced, but I think he's summarized my current thoughts on the topic pretty well in the article, though it isn't my recommendation that the existing guidelines be reviewed independently: it was
AMTSO’s discussions on its own new directions, and updates to its testing-related resources.