category
Password

Where there’s smoke, there’s FireWire

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer

LinkedIn Privacy: An Easy How-to Guide to Protecting Yourself

Introduction LinkedIn is a social network platform whose specialty is connecting professionals together to build relationships and create business opportunity. Recently the company became publicly traded and grabbed the attention of the world as its initial public stock offering more than doubled on the first day. Here we focus tools and options for user privacy

LulzSec lulls the NHS: not such bad lads?

…on the Twitter account owned by LulzSec that they had turned their attention to the NHS. Curiously enough, they seem to have been restrained and even responsible: while there’s an image out there of a message they claim to have sent to an administrator at an unidentified NHS site, they blacked out the details.

A Nice Pair of Breaches

…here’s a blog in stark contrast to Urban Schrott’s blog about good password practice in Ireland … Troy Hunt ran an analysis of the subset of stolen Sony Pictures passwords put out as a torrent by those nice boys at LulzSec, some 37,608 of them…

Passwords, passphrases and past caring

First: a link to another article  for SC Magazine's Cybercrime Corner on password issues: Good passwords are no joke. However good your password is, your privacy still depends on rational implementation by the service provider. Also, one of the articles that sparked off that particular post: ESET Ireland's excellent blog post on a survey carried

Lockheed Martin breached by unknown digital assailants

In an unfortunate series of events related to the RSA SecurID technology, reports are coming in that Lockheed Martin's networks have been broken into by unknown perpetrators.  Jim Finkle and Andrea Shalal-Esa broke an exclusive story and reached out to folks in the industry to get to the truth. "They breached security systems designed to

Facebook Privacy: An Easy How-to Guide to Protecting Yourself

Introduction As the sun is setting and I breathe some of the night time air I am inspired to write about Facebook.  Yes, *the* Facebook, the third largest country if it were a physical place with boundaries under a common rule of law and government.  When many people use a service such as this, it

More Cybercrime Corner articles

Recent additions to SCMagazine's Cybercrime Corner blog include: "Password strategies: Who goes there?" by David Harley, May 23, 2011 Password selection usually involves compromise, but even a short password can be reasonably strong and still memorable. This follows up at some length on a previous ESET blog by Paul Laudanski. "Fighting cybercrime" by Randy Abrams,

No chocolates for my passwords please!

Greetings Dear Reader, We have published guidance material previously on passwords and passphrases, some are blogs and some are lengthier depending on your liking (link & link).  Even still it is always good practice to reinforce sensible password techniques.  For this blog, I plan on sharing an analogous self-ritual, and one that relies on a

Sony PlayStation – Rehacked reloaded?

In life one cannot reload a particular scene; however, in gaming one certainly can.  This is an unfortunate time for Sony PlayStation and customers due to the recent breach.  Anecdotal reports are now coming in that Sony PlayStation who opened up their gaming ecosystem recently has now potentially fallen to a password reset hack.  This

Social Security Numbers: deja vu all over again

Social Security Numbers: Identification is STILL not Authentication…

Strong passwords: deja vu all over again

Since never changing your password isn’t generally a realistic option, and some sites actually prevent you from using good passwords and, even better, passphrases, we’ve produced a number of articles and papers on the topic to help make it easier to follow good practice, even when your provider seems set on preventing it. Here they are as a list, to make it easier to follow.

Keylogging taken seriously: Security upgrades in the new Hotmail

Microsoft Hotmail has a new feature: Out of Band Authentication via cell phone SMS Text. They call it ‘single-use codes’: Single-use codes This new security feature is designed to further protect you when you sign in from a public computer, such as those found in internet cafés, airports, and coffee shops. When you request a

Cyber-crimefighters pwn Carders.cc

Brian Krebs, source of a lot of key research on the banking trojan focus on small to medium sized business, has reported that cyber-vigilantes have rattled the cage of a major carder site by posting their member’s passwords: Ironically, the anonymous authors of the e-zine said they were able to compromise the criminal forum because

Protecting Against Password Reset Attacks

As I previously blogged today, the hacker who broke into Sarah Palin’s Yahoo account was convicted on two charges. The way that David Kernall gained access to Palin’s email account was by trying to log into  her account, saying “I forgot my password” and then he correctly answered the password reset questions. Some of the

Facebook checked out, 1.5 million accounts overdue for password changes?

The Internet is abuzz with the announcement from Verisign’s iDefense Labs that a criminal hacker on a Russian forum who goes by the nom-de-plume "Kirllos" (Carlos?) is selling the credentials for 1.5 million Facebook accounts in batches of a thousand for between $8 and $30, depending upon their quality (which, in this case, means dates

Good Password Practice: Not the Golden Globe Award

The Boston Globe suggested  that changing passwords is a waste of time, based on their interpretation of an article by Herley Cormac. Cormac's paper – well worth reading, by the way - reinforces a point that has been made many times both by me and by the "user education doesn't work" lobby. While I don't believe that education is useless,

Please do not change your password – The Boston Globe

I find it hard to not be shocked at a headline like this… Then I remembered the recent top cybercrime city survey conducted by one of our competing software vendors which had Boston ranked the SECOND HIGHEST risk city in the entire United States. I’m also not one to simply lie down and let cybercriminals

12345 Oh My!

A short time ago I was watching someone I know type in a password to an important web site. I wasn’t looking to see what the password was, however I noticed it wasn’t long and it was all entered on the numeric keypad. This is someone who is not a security expert, but has heard

Don’t Be A Twit

There's a news item out at the moment about how a French man has been arrested for a host of Twitter account attacks including the accounts of US President Obama and Britney Spears. It seems the hacks were carried out in April last year and the arrest came about after collaboration between the US FBI

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.