category
Education

Holiday Shopping Deadlines

In just a couple of weeks you will be out of time to shop online and have that gift delivered in time for the holiday. I expect that there will be a surge in phishing attacks designed to take advantage of the panic factor. You get an email that says something to the effect that

iTrout

Kelly Jackson Higgins with Dark Reading reported that the anti-phishing technology on the iPhone is currently not working. You can read the article at http://www.darkreading.com/security/client/showArticle.jhtml?articleID=219700594&cid=nl_DR_DAILY_T The truth is that no anti-phishing technology is reliable. The technologies can help, sometimes significantly, but the most effective protection is an educated user. All of the technologies have failure

Armor for Social Butterflies

I was speaking with our friend David Perry at Trend Micro about the insecurity of social networking services and what steps users could take to strengthen their security online. In the course of our conversation, we came up with a list of simple steps you could take to better protect yourselves. Be careful about whom you

M(b)ac(k) to the future

Mac security firm Intego blogged about Apple’s decision to include an antimalware component in Mac OS X 10.6 "Snow Leopard" and we agree that it is a good step, security-wise, to provide some basic protection against malware.  Apple has long mocked Microsoft, up to and including this 2006 advertisement which implied there were no viruses

Turkish Delight (2)

This is part two of a recent email interview with a Turkish web site, with part one made available here for the benefit of those of us who don’t speak Turkish.  I’ve done a little editing on parts one and two, primarily for cosmetic reasons. Question (4): What the golden rules for using the Internet with

(User) Education, Education, Education

Regular readers will be aware that, unlike many people in the security industry, people in this research team tend to be enthusiastic supporters of security education for end users, both inside and outside business: not as The Answer To Everything, not in terms of turning everyone who uses the Internet into a security expert, but

Security Education

Here are one or two resources some of you might find useful and interesting. Infragard and the Center for Information Security Awareness have a Security Awareness in the Workplace program that looks worth a closer look. It consists of 14 separate lessons addressing key information security issues "that can impact in the workplace". The free lessons

Securing Our eCity

San Diego is a great place to live in and visit. I grew up in San Diego and didn’t realize how good I had it until I moved to San Bernardino when I was 15.  What does this have to do with security? If you need an excuse for a trip to San Diego (or

After the Hype is Gone

We all have recently endured a week or so of extensive media hype about a worm called “Conficker”. Phrases such as “One of the worst viruses ever” and other such nonsense were tossed around like promises at a political rally, with about the same level of honesty and accuracy, perhaps even less. Conficker was already

Conficker Launches Cyber Attack Against Big Ben

In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning. Hey, this is no more ridiculous than trying to protect against

Securing the Perimeter

I recently had the fantastic opportunity to participate on a panel discussion concerning cyber security. The event was hosted by the Bellevue Chamber of Commerce and coordinated by the US Chamber of Commerce and the Department of Homeland Security. Last year the Bush administration launched the Comprehensive National Cyber security Initiative or CNCI. Although focused

A Little Extra Information

I recently started writing weekly tech tips for the San Diego Chamber of Commerce. If you are interested in these tips you can find them at http://www.sdchamber-members.org/TechTip.htm. Past tips are archived there as well. Randy Abrams Director of Technical Education

What Hath God Wrought?

“What hath God wrought?” were the contents of the first ever telegraph message. http://memory.loc.gov/ammem/today/may24.html An ominous message that would seem to reveal that Samuel Morse understood some security implications of technology, except, it was his friend’s young daughter who appears to have suggested the biblical verse. Perhaps “What hath God wrought” would have been a

BCS Blogs

As a Fellow of the British Computer Society (is that the sound of a self-blown trumpet I hear? ) I get daily emails that I often don’t have time to read. Which is a pity, because when I do, I often find an interesting nugget. Sometimes I even get a paper magazine (remember those?) through the

Confused about Conficker?

CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel. CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is

You Did Back Up Your Data, Didn’t You?

One of the security best practices is to back up your data regularly. This is sound advice as it helps mitigate the damages from many different threats. Lots of people think of data loss when they think of viruses, but very few viruses actually tried to cause data loss. There have been a few that

HIPAA is not privacy

Many people in the US associate HIPAA with the rules required to protect medical data. It actually is a lot more than that, but the HIPAA laws do require some minimal standards for medical providers. I recently came across an example of where HIPAA is ineffective. The medical providers are required to protect your data,

Emotions are Poor Passwords

I know, the Twitter hack is old news, but poor passwords are still common. It is a pity because it really is so easy to make a password much better and still be easy to remember. According to the press, an admin used the password “happiness” and that is how a hacker gained access to

Castlecops: more comments

Further to my post of 25th December about the withdrawal of the CastleCops services, there’s a blog at Darkreading that includes more information, including some quotes from Paul Laudanski, who was, with his wife Robin, the driving force behind the organization: also quotes from our own Randy Abrams, David Ulevitch of PhishTank, and Garth Bruen

%$^& is Fine for Cussing, But Not a Great Password

We’re closing in on the end of 2008 and about to start 7D9, or 2009 for those who do not speak hex. I thought it might be a good time to remind you to change your passwords. There are some important things to remember about passwords. Despite the IT policies that are prevalent throughout the

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
07 Dec 2009
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.