browser security

Firefox: More Security, Less Privacy?

Perhaps I imagined it, but a few days ago when I allowed Firefox to update to fix security vulnerabilities my privacy settings were reset to less private settings. I had Firefox set to clear the history on exit, and prompt me. I also had it set not to accept third party cookies. After the upgrade

Competing and Cooperating (Don’t Attack the Customer)

In the security industry there is fierce competition. At least in the anti-malware segment there is also tremendous cooperation. I am writing from the 3rd annual CARO workshop where researchers from several anti-malware companies are sharing important information with their competitors. Quite a while back there both PCTools and ESET had false positives on each

10 Ways to Protect Yourself: Part 5

Don’t trust unsolicited files or embedded links, even from friends. It’s easy to spoof email addresses, for instance, so that email appears to come from someone other than the real sender (who/which may in any case be a spam tool rather than a human being). Basic SMTP (Simple Mail Transfer Protocol) doesn’t validate the sender’s

MD5/SSL: is the sky falling?

Lots of fuss about the paper presented at the Chaos Communication Congress in Berlin yesterday by Alexander Sotirov et al. The paper describes a proof-of-concept attack using a weakness in the MD5 cryptographic hash function to create a rogue Cerification Authority certificate using a hash collision (essentially, two messages with the same MD5 hash value).

(One out of) Ten Ways to Dodge Cyber-Bullets

It’s that time of year when everyone wants a top ten: the top ten most stupid remarks made by celebrities, the ten worst-dressed French poodles, the ten most embarrassing political speeches, and so on. Our research team came up with a few rather more serious ideas, most of which are considered at some length in our about-to-be-published

Internet Explorer Problems

It probably isn’t news to you that there’s been an issue with Internet Explorer and a recently-discovered vulnerability that exposes users of the application to a range of attacks. Certainly we’ve been getting lots of enquiries about our ability to detect it, and I suspect other vendors are getting the same barrage of questions. Of

Mytob and the National Health Service: a Matter of Trust

Okay, sorry about the horrible pun. It suddenly occurred to me that people (especially those from outside the UK) might be somewhat shocked that the Barts and the London NHS Trust, a group of three major hospitals in London took so long to deal with a malicious program that was, apparently, detected by their provider

Google Chrome May be the Wrong Choice

After having used the Google Chrome internet browser for a while now, I can say that it is generally a pretty nice browser, but I have some very serious privacy concerns.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2013 ESET, All Rights Reserved.