latest posts

Hungarian soccer fans protest against stadium’s new biometric security

Fans of Hungarian soccer team Ferencvaros have come “en masse to their home stadium in Budapest” to protest the club’s new biometric ID equipment, which controls turnstile entry to the stadium, according to Biometric Update.

POODLE Attack – Google uncovers major flaw in SSL 3.0

In an announcement eerily reminiscent of the early phases of the Heartbleed flaw that took internet security by storm earlier in the year, Google has uncovered an exploit that could allow attackers to decode the plaintext traffic of a secure connection.

October is the Cyber Security Month: stats, events and advice

Since October 2012, the European Cyber Security Month is going live as a pilot plan across Europe. Inspired by the concept of other similar projects that were successfully implemented around the globe. One of them is the Stop. Thinking. Connect campaign supported by the National Cyber Security Awareness Month in the United States.

Operation Windigo: “Good job, ESET!” says malware author

Following the recognition at Virus Bulletin 2014 of ESET’s research on Operation Windigo, I took the opportunity to ask Marc-Etienne Léveillé – who worked directly on the Operation Windigo report a few questions. Marc-Etienne is a malware researcher at ESET.

$50 Anonabox provides portable privacy via Tor

A portable network device that sits between computer and router to offer anonymized browsing from any computer via the Tor network has smashed its Kickstarter fundraising goal just days after hitting the crowdfunding platform.

CVE-2014-4114: Details on August BlackEnergy PowerPoint Campaigns

In this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.

Dropbox denies server hack as nearly 7 million account details leak

A hacking group has claimed that it has access to 6,937,081 Dropbox accounts with usernames and passwords, according to ZDNet. The first 400 log-in combinations were posted to Pastebin, with more to follow in return for payment in Bitcoin.

Kmart hit by malware credit card breach

Sears Holding Co. is the latest high profile name to announce the discovery of malicious credit and debit card stealing malware in its point of sale registers at its Kmart stores, writes Brian Krebs on his Krebs on Security website.

200,000 ‘deleted’ Snapchat images leaked from third party website

A breach of a third-party Snapchat site that allows users to bypass the app’s privacy has led to the leaking of some 200,000 images to the internet, The Guardian reports.

Week in security: Dubai Police use Google Glass facial recognition, Bugzilla gets bugged and ‘Unpatchable’ USB exploit lands on GitHub

This week in security, we covered a full range of privacy and malware, with controversial plans to equip police officers with facial recognition packed Google Glass in Dubai, and the BadUSB malware finding its way on to GitHub.

Dairy Queen hit by card data stealing malware

Dairy Queen has become the latest company to be hit by payment card stealing malware, reports the Wall Street Journal. The breach is said to have affected 395 of its 4,500 American locations.

Cyber Security Awareness Month: It’s on!

October is National Cyber Security Awareness Month in America and each year this program brings more and more attention to issues that should be of concern to anyone who uses a computer, plus a low of how-to information, security resources, and awareness-raising events.

Future malware might offer real functions to avoid detection

Malware may begin to offer genuinely helpful functionality in the future, in order to “fly under the radar” and fake legitimacy before striking, according to Professor Giovanni Vigna from the University of California.

European ATMs under malware attack

At least 50 cash machines in Eastern Europe have been targeted by malware that allows the hacker to withdraw up to 40 notes at once without a credit or debit card to hand, Computer Weekly reports.

Ello privacy – what you need to know

For any security-conscious user, there are a few things worth remembering once you have secured that crucial invitation – we offer a few tips on how to get the most from the emoji-heavy network here.

Previously undiscovered Bugzilla exploit patched

Bugzilla, the open source bug reporting and tracking tool used by Mozilla and many popular Linux distributions, has had a potentially damaging security flaw patched, reports Brian Krebs on his Krebs on Security website.

Manual fixes to USB malware revealed… with a catch

Since the BadUSB malware was released to the public with hopes of forcing a fix, a solution has emerged from the researchers who posted the code, but the fix is definitely not without its problems.

Sednit espionage group now using custom exploit kit

For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.

Yahoo told to “pull your pants up” after Shellshock hack claims

Yesterday, security researcher Jonathan Hall, of a company called Future South Technologies, accused Yahoo of having suffered a serious security breach via the recently discovered Shellshock vulnerability in Bash.

Google Glass facial recognition used by Dubai Police force

The police force of Dubai will soon be equipped with crime-fighting face recognition technology via Google Glass, according to Reuters. The software, “developed by Dubai police would enable a connection between the wearer and a database of wanted people,” Reuters reports.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
our experts

Jean-Ian Boutin

Graham Cluley

Stephen Cobb

Lysa Myers

Raphael Labaca Castro

Olivier Bilodeau

Robert Lipovsky

David Harley

Marc-Etienne M.Léveillé

Aryeh Goretsky

Copyright © 2014 ESET, All Rights Reserved.