Phish, Phowl, and Passwords I spend a lot of time defending educational as opposed to purely technical solutions to security. Not that I don’t believe in the usefulness of technical solutions: that is, after all, ESET’s basic business. However, there are many people in the security business who believe that education is a waste of

Employee use of personally-owned computing devices for work-related purposes–known as Bring Your Own Device or BYOD–is not a new trend and security professionals have been concerned about it for some time, but there is a widely held view that the trend has been transformed of late. Why? Waves of mobile digital devices flooding into the

Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with

Awhile back we noted a case where Ramona Fricosu, a woman accused of involvement in a mortgage scam, was asked, following a law enforcement raid in which her laptop was seized, to decrypt data on the device for use as evidence, potentially incriminating her. She pleaded the 5th Amendment protection against self-incrimination and refused to

You just got a new wireless router for Christmas, but when you set it up it asks about wireless security. Do you want WEP, WPA, WPA2 or any of the other alphabet soup options they give? While it’s easiest to just pick the default setting, are you setting yourself up for trouble from aspiring hackers?

More websites stored unencrypted credit card payment information than ever this year, according to a recent report. I thought we had this figured out? Obviously this is a direct violation of Payment Card Industry Data Security Standard (PCI DSS) requirements. But seriously, this stuff is simple for the developers to fix, so why don’t they?

How do you know a service is legitimate and safe? We all have to trust by proxy sometimes, but it just doesn’t feel right to encourage people to accept reassuring statements as gospel.

One of the recurring themes of the past few years in the UK is data lost by the public sector on USB drives, CDs and so on.

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer

It will likely come as no surprise to regular readers of ESET's Threat Blog that we are somewhat gadget aficionados here in the Research Department. Our focus, however, is usually on issues such as malware, spam and privacy so we do not spend a lot of time discussing gadgetry.  Every once in a while, though,