Your Data and Your Credit Card

[Update: I had a couple of machine crashes while I was writing this, and only just realized that a pointer to Allan Dyer's excellent article at hadn't survived to the final version. Which is a pity, because it's very relevant, and well worth reading.] Over the weekend, I posted a blog on the AVIEN site

The Internet Book of the Dead

This blog is a bit of an oddity. ESET UK were approached by Dan Damon, a reporter putting together a piece about “the complications of a digital world when someone passes away”, asking if there was someone at ESET who would be interested in being interviewed for BBC1 radio on the subject. The request got

Droid Avoids with an AppleJackHack

Will the Motorola Droid be the next malware-victimized smartphone? Well, it's a bit early to make a claim like that, but the fact that it's been rooted (an analogous process to jailbreaking on the iPhone and iPod Touch) in order to allow end-users to install unapproved applications, puts the platform one step nearer. See the

PayPal and Phishing Continued: Grooming Phish Victims

In view of some of the discussion generated by Randy's blog on PayPal's "confession" of "phishing", it's refreshing to see a straightforward summary of the issue from the estimable Larry Seltzer for PC Mag (see PayPal's view of the issue seems equivocal. They've gone to some lengths to dismiss this issue as the agenda of

Password Practice Revisited

A few months ago Randy and I put together a white paper on password "good practice" (  In it, I quoted the following table of The Ten Most-Used Passwords (sourced from 1 123456 2 password 3 12345678 4 1234 5 pussy 6 12345 7 dragon 8 qwerty 9 696969 10 mustang  Today, I came

Paedophilia and the “Trojan Defence”

This is a follow-up of sorts to Jeff Debrosse's thoughtful post recently on the problem of possible conviction for the possession of illegal paedophiliac material of individuals who had no knowledge of its presence. More recently, a tweet by Bob McMillan drew my attention to an article by Geoff Liesik on "Authorities scoff at 'child porn

Qinetiq Energy: A Patent Leathering

[Update: Michael St Nietzel also pointed out that there's an issue with installers that verify a checksum before installation. In fact, this is a special case of an issue I may not have made completely clear before: unless this approach is combined with some form of whitelisting, there has to be some way of reversing the modification

iBot Mark 2: Go Straight To Jail Do Not Pass Go

[Update, courtesy of Mikko: this worm targets at least one Dutch bank, and activates when users go to the online bank with an infected iPhone ] [Update 2, courtesy of Paul Ducklin: how to change the password of an infected phone. I could just tell you what the password is, but you might want to read

And talking of Cyber Monday…

Even in Europe, we have a rough idea of what Thanksgiving is about, though we don't celebrate it at the same time or in the same way. However, Black Friday and Cyber Monday are rather less well known outside the US. Since Randy has already blogged on Cyber Monday and its security implications at, I took the

Great Hoax From Little Acorns…

I learned a new word today. "Glurge", according to, an essential resource when checking the validity of dubious chain letters, glurge is the sending of inspirational (and supposedly true) tales … that often … undermine their messages by fabricating and distorting historical fact in the guise of offering a "true story". I came across

The Honour’s All Mine

(Much) earlier this year, Randy posted a blog on some email he received about his inclusion into the 2009/2010 Princeton Premier Honors Edition Registry ( I was reminded of it (yes, Randy, someone does read your blogs ;-)) when I got a couple of emails telling me I'd been nominated for an entry into the

Biting the Hand that Feeds You?

Verizon has just done something rather brave. The company has issued a report on "ICSA Labs Product Assurance Report" ( that talks about the difficulties that most products have in meeting the requirements of ICSA Labs certification. Why is it brave? Because those companies provide ICSALabs with a healthy income, and might therefore be a

No Mule’s Fool

After a few years in the security business, it's easy to get a bit too used to the background noise, and forget that not everyone is familiar with concepts like phishing (see Randy's recent blog at, or botnets ("whatever they are", as my brother said to me quite recently), or money mules. I've written

What a performance!

 We came across an interesting test report at Symantec commissioned a comparative performance test from Passmark. That is, a test measuring performance in terms of speed and resource usage rather than looking at detection rates. Not surprisingly, Symantec came out very well overall, and deserves congratulations for demonstrating how far it's gone in addressing

Botnets, Complacency and the UK Government

Gadi Evron drew my attention in an article for Dark Reading to a piece in IT Pro by Asavin Wattanajantra. The piece quotes Dr. Steve Marsh, of the UK's Cabinet Office (the Office of Cyber Security, to be precise) as saying that botnet operators are interested in money-generating attacks on the private sector, not causing

AVIEN blog: Absolute Elsewhere

Strangely enough, I'm actually encouraged to contribute to other blog pages, perhaps in the hope that I'll stop cluttering this page with rubbish about iPhones. Today I've finally remembered that I'm supposed to contribute regularly to the AVIEN blog page at You might find these a little lighter in tone than I tend to

Is There A Lawyer In The Lab?

Now that the end-of-year security conference season is winding down, we're able to start making available some of the presentations and papers that we've been building up in the past few months, but haven't been able to make publicly available ahead of the events for which they were written. We've already made available a slide

When is a worm not a worm?

Will No-One Rid Me Of This Turbulent Hacker Tool? ( I was kind of hoping to have moved on from the iPhone data stealing hacker tool by now. While I do think it's a significant development (see, there comes a point where the sheer volume of discussion of the subject gives it more importance

iPhone Hack Tool: a Postscript

Update: there's more information on the Windows 7 exploit mentioned below in a Register article at Update 2: I keep seeing references to this as a virus or worm. However, the code I've seen does not contain any self-replicative functionality. It's not even a Trojan, as such. Following an extract from one of my

ThreatSense.Net: Fear and Loathing in the UK

I was asked about malware infection in the UK (especially with reference to Conficker), and(a) if the situation is really as bad as we, the AV vendors make out, and what the real infection rate is; and (b) whether government and ISPs etc could do more to help. You can now find a link here

Follow us

Copyright © 2015 ESET, All Rights Reserved.