category
Password

Linux/SSHDoor.A Backdoored SSH daemon that steals passwords

In his summary of New Year predictions by security researchers here at ESET, Stephen Cobb pointed to expanded efforts by malware authors to target the Linux operating system. Looks like that might be right: A blog post published by Sucuri yesterday describes a backdoored version of the SSH daemon discovered on compromised servers. Interestingly, this

Ninety per cent of passwords are vulnerable to hacking, says report

According to the Deloitte Technology Trends 2013 report more than 90 per cent of user-generated passwords are weak and vulnerable to hacking, including those considered strong by IT departments.

Securing Your Holiday Tech Gifts, Part 1: Windows PC Guide

[UPDATE #1:  (21 Dec 2012, 5:30PM) ESET Researcher Cameron Camp has just published the second part of this series on securing your Android device.  Read it here on the ESET Threat Blog at Securing Your Holiday Tech Gifts, Part 2: Android Guide.  AG] December is upon us, and whether you have a Christmas tree, menorah,

Password handling: challenges, costs, and current behavior (now with infographic)

Online passwords are a pain, and not just when you have to type them to access your online bank account or shop at your favorite digital emporium. Password pain extends to the people who have to manage them. A few weeks ago we shared some initial findings from a recent poll of 2,129 U.S. adults

Younger people less secure online than their elders new study suggests

Are younger people less aware of online security risks, or do they simply prefer to take more risks with their personal information? That’s one of the questions raised by the findings of our recent poll of 2,129 U.S. adults (aged 18 and over) by Harris Interactive.

Choosing a non-obvious PIN

There is very little research data on PIN prevalence available, so analysis of a new dataset of 4-digit passcodes can’t be ignored.

Bad password choices: don't miss the point

Phish, Phowl, and Passwords I spend a lot of time defending educational as opposed to purely technical solutions to security. Not that I don’t believe in the usefulness of technical solutions: that is, after all, ESET’s basic business. However, there are many people in the security business who believe that education is a waste of

Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password

Sharing details of the hack that “wiped his life” has earned Mat Honan a place in the annals of information system security; the specific inter-dependence of flawed authentication systems that cost him so dearly–encompassing Apple, iCloud, Amazon.com, Gmail and more–would probably still exist if Mat had not gone public. Wired has the full story here

Password Party Weekend? Millions exposed now include Phandroid, Nvidia, me

Changing the passwords on your online accounts might not sound like a fun weekend activity, but that’s what I did last weekend. Why? Because on Sunday I found out that one of my email addresses was in the list of Yahoo! logins whose passwords were exposed by sloppy handling of a credential file (an incident

Passwords of Plenty*: what 442773 leaked Yahoo! accounts can tell us

If a service leaks your credentials, your options are limited, but changing all your passwords to something harder to guess/break is never a bad idea.

Guarding against password reset attacks with pen and paper

With the recent announcements of password breaches at LinkedIn, and warnings from Google about state-sponsored attacks on Gmail accounts, it seems like a good idea now to review some password security basics.  In this blog post, we’re going to take a look at a rather low-tech solution to a decidedly high-tech problem:  How to guard

Passwords and PINs: the worst choices

It’s important to know the worst password choices, but also the worst choices for numeric passcodes.

The BYOD security challenge: How scary is the iPad, tablet, smartphone surge?

Employee use of personally-owned computing devices for work-related purposes–known as Bring Your Own Device or BYOD–is not a new trend and security professionals have been concerned about it for some time, but there is a widely held view that the trend has been transformed of late. Why? Waves of mobile digital devices flooding into the

Password management for non-obvious accounts

A continuation on: Time to check your DNS settings? After 7 March 2012, lots of people potentially can be hit as their systems are infected by a DNS Changer. Several government-CERTs have already warned their users. Rather than using the ISP’s DNS Servers, the malware has changed the settings to use DNS Servers controlled by

Passwords, passphrases, and big numbers: first the good news…

Static passwords: if we can’t kill them off, can we at least improve them? Yes, but here’s a not of caution.

Passwords, Stratfor, and Newton’s 3rd Law of Motion

Dazzlepod is saying … if your account name comes up, change your current password … why not assume that your account is compromised and go ahead and change it anyway and everywhere?

IRISSCERT, ESET Ireland and the Luck of the Irish

The IRISSCERT conference in Dublin has drawn attention to Irish cybercrime statistics since January 2011.

Much Ado About Facebook

The Reuters news agency reported earlier today a sudden increase in violent and pornographic images and videos on Facebook.  A quick review of my personal account and a check-in with my other Facebook-wielding colleagues revealed a couple of nothing more than a couple of suggestive pictures, complete with snarky comments embedded in them, from the

Stolen password checking: a question of trust

How do you know a service is legitimate and safe? We all have to trust by proxy sometimes, but it just doesn’t feel right to encourage people to accept reassuring statements as gospel.

1000 days of Conficker

Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.