The biggest cyber security problem large companies face could be employees – a survey reveals that nine out of ten employees knowingly ignore or violate their company’s data policies.
An Oregon farm products company is suing its own bank to recover losses after a phishing attack saw $223,500 transferred to accounts in the Ukraine over a period of three days in 2010.
President Barack Obama proposed to increase Defense Department spending on cyber security to $4.7 billion this week – a rise of $800 million. This budget increase stands out against a background of broader Pentagon budget cuts.
Utility companies have been warned not to share information such as email addresses on company websites, after a spear-phishing attack on an American electricity company.
More than half of British companies could be at risk of cyber attack, after a survey found that IT departments had not begun the process of migrating from Windows XP- with just a year left before Microsoft stops offering support for the ageing OS.
Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol). We’ve seen binary protocols (Win32/Peerfrag, aka Palevo). We’ve seen other custom protocols that leverage other standard protocols such as HTTP (Win32/Georbot), DNS (Morto)and IRC (Win32/AutoRun.IRCBot.AK),
For several years now, antivirus researchers have observed increasing efficiency and sophistication in malware development and distribution. At the start of 2012, I began using the term “industrialization of malware” to describe this phenomenon. I also drew a picture of the fictitious enterprise “Malware, Inc.” as a means of conveying the transformation that malware has
When something in your vicinity happens, you know right away if it is good or right. When the traffic light on a busy road is red, you know not to cross and when it is green you can cross, but still be looking around to see if it is safe. With different instances that are
USB flash drives continue to present a serious challenge to information security, for consumers and companies alike. You will be aware of this if you read our recent article on the Win32/Pronny worm, just one example of a piece of malicious software that is “in the wild” and actively seeking to spread via USB flash
Malware activity exploiting Autorun on Windows computers has been generating quite a few calls to ESET support lines lately, reminding us that old infection techniques seldom die and USB flash drives can still be an effective means of getting malicious code onto a computer. USB drives can be used to infect computers that automatically execute
It has happened before, it just happened again and it will happen in the future. It is inevitable! Some company that needs to get some press coverage or public visibility will release yet another statement on how worthless Anti-Virus is, based on its own dysfunctional test. For this “test”, they used the VirusTotal service. VirusTotal
Online passwords are a pain, and not just when you have to type them to access your online bank account or shop at your favorite digital emporium. Password pain extends to the people who have to manage them. A few weeks ago we shared some initial findings from a recent poll of 2,129 U.S. adults
Brutalize? Yes, that’s what the Governor of South Carolina wants to do to the person who breached security at the South Carolina Department of Revenue (SCDOR) and exposed Social Security Numbers and other information pertaining to 3.6 million people, as well as 387,000 credit and debit card records. Speaking to the press on Friday, Gov.
As the Better Business Bureau recently warned, scam artists are gearing up for the Presidential election season. So what pitfalls do consumers face during the final stretch of campaigning, on computers and on the phone? Recently, we’ve seen examples of phony phone calls, phony websites seeking donations, and there may be more to come. Regular
A new study finds that only 1 in 10 consumers have had any classes or training about protecting their computer and/or their personal information during the last 12 months. Indeed, a shocking 68 percent say they have never had any such training, ever. These and other findings, first revealed by ESET at the Virus Bulletin
You spell it Huawei and say it wah-way and it’s all over the news. But what does it mean for the security of your data when, as the Wall Street Journal put it, “A U.S. Congressional report has labeled Chinese telecommunications company Huawei Technologies a national security threat”? As we will see, the implications for
The federal government took much needed action today against sleazy PC tech support scammers and fake AV peddlers. Actions include lawsuits, a judgment of $163 million, and freezing of multiple assets. PC tech support scammers will be familiar to regular readers of this blog because David Harley and others have charted the progress of this
Another year, another fine Virus Bulletin conference come and gone. And some of us even got long-service badges. (My first VB was in 1996, and my first VB presentation in 1997, but there are people like our own Righard Zwienenberg whose attendance record goes back way further.) (Yes, it did rain the last day or
In our last post (part 1 of 2), we dove into Facebook timeline privacy and security, prompted by the universal imposition of the timeline view that is currently under way on the world’s largest social network. In this second part, we continue reviewing our Facebook timeline from other people’s perspective, using a tool called View
Six months ago, Flashback was attracting a lot of attention from researchers and media due to its wide spread and interesting features. Since then, we have witnessed its operator abandoning control of the botnet by shutting down its latest command and control server. This happened in May this year. The number of infected systems has