[Update: so far I have two votes for dumb. Maybe I'm giving this spammer too much credit, and it is a simple "spam template fail" ;-) On the other hand, while I wouldn't vote "evil genius", I'd still love to know how many people actually fall for this - I don't have a problem envisaging

It has been a year since we last discussed fraudulent domain name registrar scams and we wanted to let people know that this scam continues unabated. In a nutshell, a message is sent to a publicly-visible email address listed on your website (sales, support, the CEO's office, a public relations contact, et cetera) from a

Greetings, friends and fiends. It's been a while since I've been able to blog: I've been trying out one of these vacation thingies that I keep reading about in travel magazines. (Well, my wife does, and she tells me when I need a holiday, presumably as my conversations get grouchier.) But I see that my

SC Magazine's Dan Raywood reports that "To be completely patched requires an average of between 51 and 86 actions per year", quoting findings by Secunia that " in order for the typical home user to stay fully patched, an average of 75 patches from 22 different vendors need to be installed, requiring the user to

There was an AMTSO (Anti-Malware Testing Standards Organization) panel session here at RSA, where Larry Bridwell, Righard Zwienenberg, Andreas Marx, Roel Schouwenberg and Neil Rubenking talked about AMTSO and what it does (and what it hopes to do). And I added to my list of qualifications for being involved with the organization: current vendor representative,

Greetings, friends and fiends. I've been uncharacteristically quiet for the past couple of weeks, due to the AMTSO workshop last week in Santa Clara. There was, as usual, some lively discussion: though no papers were approved at the meeting, some are close enough to finished to be voted on shortly. (See also the AMTSO blog

While RSA 2010 is in high-gear, I took some time out from meetings, speaking at our booth theater and catching up on threats, to listen to the recently-appointed  Cybersecurity Coordinator (Cyber-Czar) share his views on issues involving cybersecurity as well as his objectives and priorities.  The interview started off with an introduction which revealed a

A report was recently released which examined the accuracy of the information within the WHOIS system. WHOIS services are intended to provide free public access to information about the registrants of Internet domain names. This report was commissioned by ICANN, the body that oversees the allocation & registration of Internet domain names. Probably the most

[Part 10 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series is also available shortly at http://www.eset.com/download/whitepapers.php as a white paper.] Don’t be a Crackhead Don’t use cracked/pirated software. Such programs provide an easy avenue for introducing malware into (or exploiting weaknesses in) a

[Part 9 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series is now available as a white paper at http://www.eset.com/download/whitepapers.php.] Be Wireless, not Careless Don’t connect to just any “free Wi-Fi” access point: it might alter your DNS queries or be the “evil twin” of