category

General

When Trends Collide: Spear Phishing, Security Awareness, COVS and More

The news that Japan's top defense contractor and weapons maker, Mitsubishi Heavy Industries, fell victim to cyber attacks in August is likely to increase the pressure to improve information system security from Tokyo to the Pentagon and every government contractor, outside vendor, and supplier in between. As pointed out in the Reuters report, the Japanese contractor–commonly

The Good News About Security and Privacy Breaches: An Opportunity to Learn

Last week there was a report of a "health data breach" at Indiana University School of Medicine, hot on the heels of the "medical privacy breach" the week before at Stanford Hospital in Palo Alto, California. In the Stanford breach, a commercial website was found to contain data relating to 20,000 emergency room patients including

The Online Apartment Rental Scam, Fully Furnished With Multiplier Effect

Internet scams are not new, and some of the strategies they use are not unique to the Internet, but there is no doubt that the Internet can provide a multiplier effect for people intent on defrauding others. I discovered a "good" example of this when I started looking for a place to live in San

Who’s responsible for your online data?

What happens after you share data online, and others re-share it, etc.? As data becomes increasingly inter-connected, with multiple parties touching the same data, Internet users are starting to wonder: who DOES have access to their data? Are they acting in your best interest? And who should be checking to make sure they do? The

Back to School Qbot, now Digitally Signed

The authors of Win32/Qbot (a.k.a. Qakbot) are back with new variants of this infamous malware, and this time the binaries are digitally signed. Qbot is a multifunctional trojan that has had some significant impact in the past. It has also been around a while, with the first variants dating as far back as spring 2007,

Win32/Delf.QCZ : Additional details

At the beginning of this month, my colleague Robert Lipovsky posted an article on a new threat called Win32/Delf.QCZ, also known as Trojan.Badlib or Trojan.Win32.Miner.h. This threat caught the attention of others and additional information has since been added by fellow researchers on the blogs of Kaspersky and Symantec as well as on the H-Online

Win32/Kelihos, Recruiting in a Country Near You

As part of our botnet monitoring initiative, we recently stumbled across an interesting piece of news. The Win32/Kelihos botnet, a likely successor to Win32/Waledac and Win32/Nuwar (the infamous Storm worm), is now sending spam to recruit money mules. We captured two different spam templates used by the bot to generate spam messages. As shown in

Mobile devices auto-import phonebook to Facebook

If you downloaded the Facebook app for your mobile device, and just zipped through the install options (like users commonly do), did you know all your contacts could now be on your Facebook Contact list (formerly Phonebook) and can be datamined by Facebook? This is also disturbing if Facebook itself gets hacked and your phone

Hack wireless industrial sensors in a few easy steps

On the heels of the recent activity with Stuxnet, the industrial process control computer worm that targeted Iranian nuclear centrifuges, a Blackhat talk by Thanassis Giannetsos explains how to hack yet another commonly used family of controllers. We have mused that this trend, targeting critical infrastructure nodes, is but a shade of things yet to

Win32/Delf.QCZ:Trust Me, I’m Your Anti-Virus

  Among the many different trojans that spread on Facebook, something popped up recently that caught our particular attention. The threat, detected by ESET as Win32/Delf.QCZ, is interesting for several reasons. Distribution First, let’s look at the distribution vector. Win32/Delf.QCZ relies on the old “fake codec/media player trick” and links to the malware-laden site are

Blackhat Cyberwarriors: We ARE the next war frontline (with a fire alarm thrown in)

Finally seated in the crowded auditorium at Blackhat 2011, our first keynote speaker, Cofer Black, a veteran government intel mainstay, regales us with the US threat stance and endeavors, mostly in the physical arena of combat and operations. Then he relates it to the cyber arena. Referencing the U.S. Government’s highest priority threats, which used

Fix cybersecurity: Rent a cyber-mercenary?

Citing the days of yore, when firms hired private security to protect their interests, General Michael Hayden, One of the architects of US foreign policy under George W. Bush, floats the idea of a sort of digital version of the oft-illustrious Blackwater firm (since renamed Xe); a modern day cyber rent-a-mercenary program for governments. He

Hacktivism: not a get-out-of-jail card?

What we’re lacking here is a clear differentiation between types of “hacktivist” or, indeed, “activist”: much of the commentary that’s around at the moment seems to assume that all hacktivists are the same.

Win32/PSW.OnlineGames.OUM : Part 2 – Data stealing

Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006, it is amongst the most detected threats by ESET, taking the 7th position between January and April 2011. In our previous blog post,

Win32/PSW.OnlineGames.OUM – Part 1 : The update process

Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular game titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006. This malicious software is amongst the most detected threats by ESET, taking the 7th position of the Top 10 most detected threats

Online piracy: Fight it like REAL pirates?

Fighting modern day piracy is something of a paradox; in an open system that allows freedom (good), scoundrels are also free to skulk around doing nasty things (bad). Various efforts have been made to pounce on evildoers, but it’s a game of whack-a-mole. When one has been thwarted, others pop up as variations on the

Data breach insurance: Is it worth it?

So you bought insurance against a data breach. With all the potential loopholes and variables, is it worth the cost for the coverage required to handle a real-world scenario? That’s a tender subject these days at Sony. In light of their recent breaches, soaring near an estimated $180 million, it seems their insurance provider, Zurich

50 ways to hack a website

Well, really there are far more, but the latest study from Imperva of 10 million attacks against 30 large organizations from January to May of 2011 cites a cocktail of techniques used by would-be hackers to spot the weaknesses and exploit them. For those of us who’ve tailed a log file spinning out of control

Come along, little doggy, come along

The most common malware technique for avoiding detection is to create loads of “fresh” variants. Actually, the component that changes so frequently is the packer – the outer layer of the malware, used by malware authors to encrypt the malware and make it harder to detect – whilst the functionality of the malicious code inside

The Price of Fame

…there are (over) 2,095,006,005 Internet users nowadays (due credit to www.internetworldstats.com). Inevitably, some of them are going to have the same name as real celebrities and fictional characters…

Follow us

Copyright © 2016 ESET, All Rights Reserved.