category
General

New U.S. law: nasty website killswitch

In a new twist on a familiar theme, legislation is being proposed to allow a court order to require providers to “shut off” websites deemed to be “dedicated to infringing activities.” This would allow websites to be shut down immediately, without any final court judgment of wrongdoing, or site owner notification. If the “PROTECT-IP Act”

Government hackers hit al-Qaida?

Al-Qaida appears to have had its web communications hit by hackers, thwarting its continued effort at updating the world about its activities. It appears that a good portion of their global web presence has been affected. A year ago a similar style attack halted their web communications. According to Evan Kohlmann from Flashpoint Global Partners,

Sony lawsuit: security experts fired prior to breach

A lawsuit being leveled against Sony relating to the recent breach activity alleges they skimped on security experts, laying off a batch of professionals prior to the events. The suit, seeking class action status, is being brought by Felix Cortorreal, Jimmy Cortorreal, and Jacques Daoud Jr., who claim they were directly affected by the data

FBI nabs international “scareware” ring

Long a puzzling challenge, the FBI seems to be making strides in tackling international coordinated scams, in this case, scareware. Scareware, the practice of providing fake infection notifications to users’ computers, and then offering to sell solutions to problems that don’t exist, has been quite a boon as of late for fraudsters. FBI claims the

EU to urge shorter data breach notification times

Following a string of data breach notifications which seem to be less than forthcoming, the EU is urging much stricter guidelines for data breach reporting timelines. It a recent article, European Commissioner Viviane Reding was shocked “that companies needed two or three weeks to inform people that their personal data had been stolen.” Recently I

Got Hacked? You have 48 hours to fess up

Or so the current legislation being proposed in a U.S. House of Representative subcommittee would like it. A hearing scheduled for today at the House Energy and Commerce Committee’s Commerce, Manufacturing, and Trade Subcommittee centered around draft legislation proposed by Rep. Mary Bono Mack (R-Calif.) hoping to accomplish a security baseline companies must adhere to,

The dollar cost of a data breach

Euro, pound, yen and yuan, no need to feel left out, no physical border has stopped the possibility of data breach so far. Still, here in the U.S. it’s a key factor in many technology budget/risk calculations. So just what does it cost to get hacked? A recent article from the Ponemon Institute has attempted

Bitcoin: P2P underground cyber currency?

Bitcoins, a self-generated hash-based peer-to-peer currency with no centralized regulating body, are on a stratospheric trajectory, will it replace traditional legal tender as the currency of choice for cyber-nastiness? First, a little background. Bitcoins first surfaced in a white paper purportedly by Satoshi Nakamoto. While no one can trace his (her) exact identity, it seems

Real War – The Next Cyber Frontier

Cyber Security pundits have been keenly watching the development of nascent state targeted attacks such as the Stuxnet worm with interest for some time and warning of the possible implications, but now it’s official. According to The Wall Street Journal, “The Pentagon’s first formal cyber strategy, unclassified portions of which are expected to become public

Happy National Internet Safety Month

Well, isn’t today a happy day! We have International Children’s Day and National Internet Safety Month. For those of you outside of the US, feel free to join us in the celebration. In observance of Internet Safety Month, ESET has teamed up with the San Diego Police department to launch SafetyNet eLearning, a free online

Social engineers don’t care about your OS: and nor should you

Security companies in general and, unfortunately, anti-malware companies in particular, are often accused of ‘hyping’ threats because of a perceived self-interest. However, in the main, legitimate vendors and researchers like those at ESET typically try to resist overhyping or playing up threats where possible, in favor of more balanced discussion that can help customers take

MacDefender (now MacGuard) Can Install Without Credentials

The recent MacDefender Trojan has been receiving “rebranding” facelifts since it came out. It has now been deployed as MacProtector, MacDetector, MacSecurity, Apple Security Center, and there are no doubt more iterations to come. The malware has been updated, and now sports an improved UI that looks like a native Mac OSX application, unlike the

Facebook Privacy: An Easy How-to Guide to Protecting Yourself

Introduction As the sun is setting and I breathe some of the night time air I am inspired to write about Facebook.  Yes, *the* Facebook, the third largest country if it were a physical place with boundaries under a common rule of law and government.  When many people use a service such as this, it

Anyone Fluent in L33t speak?

I went to verify some information to complete my account registration with an office supply store. The last item looked like this I initially thought that if it is a word, it must be l33t speak, but ahh, Google Translate to the rescue! I don’t know what 443xje5 means in French or English, but the

Securing Our eCity Cybersecurity Symposium

I'm a little late on this since I've been out of office for a few days, and only just picked up the relevant email. However, the Securing Our eCity Cybersecurity Symposium and IT Exec awards event is, I gather, happening right now and being tweeted live with the hashtag #SOEC . More information on the event

Obfuscated JavaScript: Oh What a Tangled Web

My colleague Daniel Novomeský alerted me to a problem he's observed with the way some web-developers use JavaScript: a few of them have the habit of obfuscating JavaScript code on their web sites, presumably in order to compress it so that it takes less disk-space ("packing") or using a "protector" in order to make it

Global malware thrives on the demise of a global terrorist

[NOTE:  As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook.  Click here to view their article in Spanish. We will follow up on this shortly.  AG] The malware phenomenon started by the announcement of Osama Bin Laden’s death continues

Cyberthieves just love a good wedding, or a funeral…

Not using Twitter or Facebook is, in these times, akin to not owning or using a mobile ‘phone. Last night’s events – the reported death of Osama Bin Laden – proved that we are well and truly in the Twitter era (Twitter reported that over 4000 tweets per second were made immediately preceding the President’s

SCADA concerns

Greetings, my faithful fans. Did you miss me? I've just had a restful week hiding from the Internet in a remote cottage in Devon, which is why I've been uncharacteristically quiet. Before that, though, I had an interesting and useful week in London mostly centred round the Infosec Europe expo, where apart from wall-to-wall meetings

I take you, XPAntiSpyware, to be my…

One of the most common ways to propagate malware through social engineering is to piggyback it on some attention-catching news event. This can be carried out using a variety of techniques and is certainly nothing new. One infamous example from 2007 was Win32/Nuwar (a/k/a the Storm Worm), which distributed through spam emails with current and/or

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.