category
More Technical

The Next Stuxnet

…the ‘next Stuxnet’ probably won’t be any such thing, whatever we may choose to call it…

Why the IMF breach?

In the absence of any detailed information from the IMF itself, it’s not surprising that most of the surmise around the attack is based on internal IMF memos quoted by Bloomberg, and much of it is rather tenuous.

CTACtile

…if you’re a Facebook user, you might want to try the CTAC Facebook page. I’ve taken to posting links to CTAC output there at the same time as I tweet it…

The dollar cost of a data breach

Euro, pound, yen and yuan, no need to feel left out, no physical border has stopped the possibility of data breach so far. Still, here in the U.S. it’s a key factor in many technology budget/risk calculations. So just what does it cost to get hacked? A recent article from the Ponemon Institute has attempted

Fake Windows Updates Are Easy to Avoid

Our friends (and competitors) at Sophos blogged about a new threat that poses as a Windows Update and then infects unsuspecting users with a fake antivirus product. The update appears to be very real and is tricking users. While my colleagues at Sophos offer excellent advice to help people protect themselves (as I believe we

Like FireSheep? You Will Love FireTweet!

OK, if some unimaginative journalist and/or editor can call a pair of bulging briefs “Weinergate” I can call this Twitter App “FireTweet”. Like Firesheep, Royal Test (FireTweet) is an attempt to demonstrate a privacy problem. Techcrunch reported this story and I have verified the privacy issue. Despite allegedly being unable to read private messages, applications

LulzSec lulls the NHS: not such bad lads?

…on the Twitter account owned by LulzSec that they had turned their attention to the NHS. Curiously enough, they seem to have been restrained and even responsible: while there’s an image out there of a message they claim to have sent to an administrator at an unidentified NHS site, they blacked out the details.

Citigroup Hacked – Sometimes it is all About the Money

At least I don’t have to use the “S” word today! A New York Times story reports that Citigroup has disclosed that it had suffered a data breach that disclosed information about approximately 1% of its North American credit card holders. Based upon Citi’s annual report this would be about 210,000 affected customers. According to

Sony Says Personally Identifiable Information Might Have Been Stolen

Today, June 8th Sony Pictures published a consumer alert on their site http://www.sonypictures.com/corp/consumeralert.html. The alert is about the data breach that was not discovered by Sony, but rather shoved in Sony’s face on June 2nd and specific details were confirmed by the Associated Press on June 3rd. Despite the fact that it was confirmed that

Sometimes Marketing Looks Like a Dog Biting His Tail

I’m not paid to find irony in life, it’s just how I’m wired. For example, I found it hilarious that in a Singapore airport restroom with toilets that flush automatically, touch-free sinks, touch-free soap dispensers, and touch-free hand driers, they have a TOUCH SCREEN “rate our bathroom” survey! I’m not making this up, here’s the

A Nice Pair of Breaches

…here’s a blog in stark contrast to Urban Schrott’s blog about good password practice in Ireland … Troy Hunt ran an analysis of the subset of stolen Sony Pictures passwords put out as a torrent by those nice boys at LulzSec, some 37,608 of them…

Passwords, passphrases and past caring

First: a link to another article  for SC Magazine's Cybercrime Corner on password issues: Good passwords are no joke. However good your password is, your privacy still depends on rational implementation by the service provider. Also, one of the articles that sparked off that particular post: ESET Ireland's excellent blog post on a survey carried

Boys will be boys…

…whatever the hacker community’s personal taste is in games and consoles, gamers are a tempting target…

Sony USA has an Opening for a Senior Network Administrator

I wonder if that is a coincidence that Sony Corporation of America is looking for a Senior Network Systems Administrator considering an Associated Press article reported that victims of the latest Sony Pictures data breach have confirmed that the information that the blackhat group “Lulz Security” leaked was real information that did come from Sony

Bitcoin: P2P underground cyber currency?

Bitcoins, a self-generated hash-based peer-to-peer currency with no centralized regulating body, are on a stratospheric trajectory, will it replace traditional legal tender as the currency of choice for cyber-nastiness? First, a little background. Bitcoins first surfaced in a white paper purportedly by Satoshi Nakamoto. While no one can trace his (her) exact identity, it seems

TDSS and hacking the hackers

…Aleks and Eugene released a new version of the tool they developed in the course of their research into the TDL family…

Facebook and Microsoft De-cloak Chrome – MS Neuters Their Privacy Advocate

What’s wrong with this picture? Yes, that’s right, I am using Google’s incognito mode and Clicker knows exactly who I am! I have previously blogged here and here about Facebook’s instant personalization, but let me spell it out for you. Facebook “Instant Personalization” destroys Google Chrome’s “Incognito mode”. There is nothing incognito about opening a

North Korea’s Overseas Cyber Warrior Training

It appears North Korea is expanding their cyber warrior savvy in a plan that includes sending the best and brightest of young programmers abroad to bone up on hacking, with the alleged goal of holding their own in cyber warfare. On the heels of the recent Pentagon announcement where cyber terrorism acts may be met

Facebook Invites Stalkers to Your Profile

A couple of days ago I blogged about a disturbing new way that Facebook was sharing information without notification or authorization. A friend of mine pointed me to an article on ZDNET that described the issue and what was happening. The “feature” is called “Instant Personalization” and the concept is simple. The concept is not

MacDefender undergoes a name change, MacShield

The MacDefender malware has morphed again, now taking the guise of "MacShield."   As in the case of its oldest sibling MacDefender, the MacShield variant has taken the name of a legitimate Mac OSX software product with small distribution, doubtless causing the real developer significant heartache. The UI is essentially unchanged, but as usual all

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

1 article related to:
Hot Topic
18 Jul 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.