category
More Technical

50 ways to hack a website

Well, really there are far more, but the latest study from Imperva of 10 million attacks against 30 large organizations from January to May of 2011 cites a cocktail of techniques used by would-be hackers to spot the weaknesses and exploit them. For those of us who’ve tailed a log file spinning out of control

Come along, little doggy, come along

The most common malware technique for avoiding detection is to create loads of “fresh” variants. Actually, the component that changes so frequently is the packer – the outer layer of the malware, used by malware authors to encrypt the malware and make it harder to detect – whilst the functionality of the malicious code inside

Stuxnet: Broke Iranian nuclear centrifuges?

Or so the latest report from DEBKAfile states, claiming the Stuxnet worm broke numerous Iranian centrifuges by forcing them to overspeed, causing damage and prompting the replacement of some 5,000-6,000 units. They cite “intelligence sources” as the source of information. Whether or not this will be confirmed, it seems malware authors clearly are targeting political

Android apps: slow data leak?

With the proliferation of the data we hold on our mobile devices, it’s no wonder Neil Daswani, CTO of Dasient, says around 8% of the apps they tested have been leaking data. In a similar vein, he states, “The number of malware samples on mobile devices has doubled in the past two years.” Google tends

Manga Management and Malware

…one Yasuhiro Kawaguchi was arrested yesterday on suspicion of “saving a virus on his computer,” though the story suggests distribution of malware too…

‘Anonymous’ NATO data breach?

2 days ago, the FBI announced a series of raids resulting in arrests of alleged members of the hacking group ‘Anonymous’. Hoping to deal a critical blow to the organization, they swept up more than a few potential members, and a tidy stash of computers to boot. So we’re done with ‘Anonymous’, right? Today, we

Rental laptops: We can SEE you

Finally scraped up enough money to rent a laptop? Turns out the rental company may be getting a little more of your information than you thought. Seems they have the ability to secretly turn on the webcam and take a look around, especially if they suspect shenanigans on your part, like maybe not returning their

FBI rounding up suspected ‘Anonymous’ group members

As of 1:20 EST today, The Atlantic Wire reports an FBI official has stated there have been raids and arrests of multiple individuals at multiple locations nationwide. Later reports from CBS/AP pegged the arrest number at 14, and report “FBI agents conducted raids at four New York residences as well as locations in California, New

Telex: even MORE anonymous?

In this case, we aren’t referencing the group who, as of late, has made headlines for hacking endeavors. A new technology, sort of a modified proxy chain on steroids, seems to be gaining some proof-of-concept notoriety, hoping to offer new levels of anonymity while surfing online. The technology hopes that when users connect, the network

Support desk scams: CLSID not unique

…the scammer doesn’t need you to edit the registry to find the CLSID he’s looking for. He simply has to persuade you to run the ASSOC command…

The Price of Fame

…there are (over) 2,095,006,005 Internet users nowadays (due credit to www.internetworldstats.com). Inevitably, some of them are going to have the same name as real celebrities and fictional characters…

Hodprot is a Hotshot

In their presentation “Cybercrime in Russia: Trends and issues” at CARO2011 — one of the best presentations of the workshop, in my unbiased opinion ;-) — Robert Lipovsky, Aleksandr Matrosov and Dmitry Volkov mentioned the Win32/Hodprot malware family, which seems to be undergoing something of a resurgence.

An Apology

ESET wishes to apologize to Google and it’s CEO for a recent posting that failed to meet the high standards of professionalism our readers have come to expect from our blogs. In particular, ESET regrets any implication that there may have been deliberate unethical behavior on the parts of Google or it’s executives in relation

Is Google Plus the Rumble in the Jungle?

If you don’t remember the Rumble in the Jungle, it was a boxing match between George Foreman and Muhammed Ali. Back in 1974 names like Foreman and Ali were as famous as companies like Google and Facebook are now. Google, like the older Ali, has been taking punches in the early rounds of the social

ATM skimmers: drive-by ATM card theft

If you keep up on the subject, FBI has been recently cracking down on ATM card data theft rings, where scammers attach fake hardware to the front of ATM’s and trick users into entering PIN information, then record the data to logging devices which can be retrieved later. In some cases the attackers use Bluetooth

Free WiFi: Price? All your personal information

Sitting in an airport you rarely frequent, you grab your laptop and snap out a couple e-mails to send, and look, there’s a free WiFi hotspot. Bang, you connect and send, and are off on your way. What you don’t know is the free WiFi may come with a price: your login credentials and network

Cycbot: Ready to Ride

Although the “Ready to Ride” group originated in Russia it distributes Win32/Cycbot outside the borders of the Russian Federation. Going by the prices per installation the primary target of the group is the US.

Stuxnet: Wired but Unplugged

I've stopped maintaining Stuxnet resource pages recently, but occasionally I come across an article that adds something useful to the mix, or simply summarizes aspects of the Stuxnet story neatly and accurately. Besides, its authors must be feeling a little left out with all that fuss about TDL4. ;-) A recent report in Wired gives

1 in 20 mobile devices infected next year?

The mobile devices of late have more compute power than the full desktop PC of yesteryear, and they fit it your pocket, great news for folks “on the go.” And since you’re so multi-tasked anyway, why not load it up with things to make your life easier, after all, it’s really a phone with a

Google+Facebook Equals Time Bomb

An application written to allow integration between Facebook and Google Plus may be all you need to compromise your computer. According to a PCWorld report an application called Google+Facebook used a well known programming worst practice of downloading a JavaScript file upon launch. If you aren’t real technical and don’t know what this means, I

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2015 ESET, All Rights Reserved.