Inside a scam factory: Gray hat hacker offers peek at how Nigerian 419ers work

Keylogging tools to steal personal information from victims are available as a “service” from a site known as PrivateRecovery, which offers the tools for just $25 to $33 a month, according to a list of leaked records seen by researcher Brian Krebs.

“Silent” audio could be key to unlocking PCs, new password-beating start-up claims

Simply holding your phone a few inches from your PC to “hear” signals inaudible to humans will be enough to log in to sites and services previously protected by cumbersome two-factor systems, a new start-up claims.

Hesperbot – technical analysis: part 2/2

In this 3rd Hesperbot blog post we’ll look at the most intriguing part of the malware – the way it handles network traffic interception.

Smarter phones? Evidence mounts for fingerprint-protected iPhone

When Apple unveils its new iPhone models Tuesday, one particularly persistent rumor may come true – that at least one model of the new hardware will feature a built-in fingerprint scanner.

Four out of five people are “locked out” of websites due to lost passwords

Four out of five consumers have been “locked out” of websites due to not remembering log-ins – and over a fifth rely on password resets “on a regular basis,” according to a survey conducted by Ping Identity.

Trendnet under fire from FTC over camera security flaws which let hackers spy on babies

Baby monitors which shipped with security flaws that allowed hackers to watch and listen to babies from remote locations have led to an FTC complaint against the company responsible, Trendnet.

Hesperbot – Technical analysis part 1/2

Win32/Spy.Hesperbot is a new banking trojan that has been targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. For more information about its malware spreading campaigns and victims, refer to our first blog post. In this post we’ll cover the technical details of the malware, including the overall architecture, as well as the mobile component.

One in five internet users have had emails or social networks hijacked, Pew study finds

Internet users are becoming more savvy about keeping their private data safe – but many have already fallen victim to crime and scams, a study by the Pew Research Institute’s Internet Project has found. One in five (21%) of internet users have had an email or social networking account compromised or taken over without their permission.

BlackBerry signs up to FIDO anti-password alliance to seek new ways to keep data safe

BlackBerry has signed up to FIDO (Fast IDentity Online) Alliance – a group which is seeking to establish new methods to identify people quickly and safely, rather than relying on passwords for mobile security. FIDO is supported by internet giants such as Google and PayPal and is investigating alternative authentication technologies such as NFC chips, biometrics and one-time passwords, with a view to creating a standards-based system for passwordless authentication.

Hesperbot – A New, Advanced Banking Trojan in the Wild

A new and effective banking trojan has been discovered targeting online banking users in Turkey, the Czech Republic, Portugal and the United Kingdom. It uses very credible-looking phishing-like campaigns, related to trustworthy organizations, to lure victims into running the malware.

In a rush? Five two-minute tips to make yourself more secure right now

Performing a “cyber spring clean” can be time-consuming – but many of us have a few weaknesses we can tighten up in two minutes or less. Here are a few “instant fixes” for problems you might have overlooked…

“Rogue cellular devices” could allow attackers to block texts, intercept calls – and “black out” areas

Attacks which “hijack” calls and block phone services for individual phone users or even whole city areas are possible, using a “rogue device” to attack cellular networks, according to Berlin researchers.

Could your heartbeat be the password of the future? Hi-tech wristband offers new way to log in

Your unique heartbeat could offer a secure and easy-to-use alternative to remembering dozens of long, complex passwords, according to Bionym, who launched a new “password wristband” today.

Facebook fixes bug that allowed anyone to delete ANY photo

A bug which allowed any Facebook user to delete photos from any other user’s page without their knowledge has earned its discoverer $12,500 under Facebook’s “bug bounty” program – more than 10 times the average payout.

Recipe for disaster? Four in ten “BYOD” owners use no security measures at all

Four out of ten employees who use their own mobile devices at work fail to use basic security measures – and the trend for “BYOD” could be putting company information at risk, according to a new survey.

Facebook spam “earning criminals $200m a year”, researchers claim

Two independent Italian security researchers have investigated the business behind Facebook spam – and estimate that the trade is worth around $200m a year.

Windows 8 picture passwords “can be cracked”, researchers warn

The “picture passwords” used in Windows 8 machines are more vulnerable than Microsoft hoped, a research team claims. An analysis of more than 10,000 picture passwords found that a significant percentage could be cracked by algorithms.

Facebook considers using facial recognition on all profile pictures

Facebook has revealed that it may use facial recognition software to identify people from their profile pictures. The new “feature” was revealed in a change to Facebook’s data use policy, sent out via email to users this week.

Big phish, small pond: How to stay safe from SMS phishing scams

Phishing emails are a sad fact of life, and most of us are used to dealing with them – but cybercriminals are increasingly turning to SMS to reel in their victims. Our tips should help you avoid clicking something you’ll regret.

More than 800,000 Facebook users fall victim to password-harvesting browser malware, researcher claims

Malware disguised as a Facebook video has infected up to 800,000 users machines, according to independent Italian security researchers. The malware hijacks Facebook accounts and web browsers using a fake browser plug-in for Google’s Chrome.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
our experts

Rob Waugh

Jean-Ian Boutin

David Harley

Graham Cluley

Stephen Cobb

Olivier Bilodeau

Aryeh Goretsky

Lysa Myers

Benjamin Vanheuverzwijn

Pierre-Marc Bureau

Righard Zwienenberg

Robert Lipovsky

Guest Writer

Cameron Camp

Marc-Etienne M.Léveillé

Joan Calvet

Pablo Ramos

Andrew Lee

Sebastián Bortnik

Peter Stancik

Copyright © 2014 ESET, All Rights Reserved.