NSA and Wall Street: online activity shrinks, changes post-Snowden

News of the NSA’s mass electronic surveillance is having a negative impact on consumer sentiment toward online technology and tech companies, according to recent survey that suggests it could hurt GDP and corporate profits.

Google adds new layer of defense against “bad” Chrome plug-ins – and tests malware blocker

Users of Google’s Chrome browser will be able to “purge” rogue plug-ins, after attacks where a supposedly helpful browser add-on contains malware – a tactic adopted by cybercriminals, as reported by We Live Security earlier this year.

Sunrise “smart calendar” app warns of iCloud on the horizon after hack

Smart calendar app Sunrise has revealed it fell victim to the same cyberattack which saw social sharing app Buffer sending out thousands of weight-loss spam posts – and has warned users who link their Sunrise account to iCloud that they may be at risk. In an update released on the company blog, CEO Pierre Valade

Untrained staff and low budgets leave 96% of businesses feeling “unprepared” for cyberattack

A survey of 1,900 executives at clients of the accountancy firm Ernst and Young found that almost all (96%) felt “unprepared” for a cyberattack – due to budget cuts and lack of skilled staff.

Scary Code: Top 5 malware that kept researchers up at night

If sinister pieces of malicious code could rise from the dead on Halloween, which would be the most scary for antivirus researchers? Here are 5 contenders, with a variety of very nasty traits.

Smartphone “contactless” payment systems may be at risk from snooper devices, researchers warn

Phones such as Samsung’s Galaxy S4 ship with Near Field Communication chips built in – and many companies hope to use these for payment systems. But snooper devices may be able to “listen in” as payment apps are used, researchers warn.

When big sites spring a leak: What to do when breaches put your ID at risk

When Adobe admitted 38 million user IDs had leaked from its system this week, it was one of a long line of companies to fall victim to such data breaches. Most companies react fast – and offer good advice – but our guide adds a few extra safeguards if your ID is put at risk.

Big companies still fall for social engineering “hacks” by phone – and it’s not getting better

Major companies such as Disney, Boeing and General Electric are still handing out information to “hackers” using the most basic tool of all – the human voice, according to a report on a competition at DefCon.

Windows XP users already facing malware invasion – before Microsoft “pulls plug”

Windows XP users already face far higher risks from malware – with XP users facing infection rates six times higher than Windows 8 users. Microsoft will withdraw support for the ageing platform in April next year – despite the fact that one in five PCs on Earth still use it.

Adobe breach far bigger than thought – 38 million records, Photoshop code leaked in attack

Previously, it had been estimated that around three million users had data accessed, but a new report by Brian Krebs of KrebsonSecurity revealed the true scale of the breach may have been far larger than thought – and that source code for software such as Photoshop may also have leaked.

Tech support scam update: still flourishing, still evolving

[Update 30th October 2013: with regard to the ping gambit discussed below, please note that protection.com now responds to ICMP echo requests - in other words, if you now run the command "ping protection.com" you should now see a screen something like this: Note that this is perfectly normal behaviour for a site that responds

President Obama’s Twitter and Facebook accounts hijacked by hacktivist group

President Obama’s Twitter and Facebook accounts were briefly compromised this week – with two Tweets and one post altered to send links to video montages of terrorist attacks.

Survey says 77% of Americans reject NSA mass electronic surveillance, of Americans

In light of the Snowden/NSA revelations of mass surveillance, 77% of American adults say it is not okay for the government secretly to monitor all of their communications. And some of us are changing how we use the Internet as a result.

Rogue’s gallery? New app aims to “out” cybercriminals who prey on online daters

A new app, Truly.am, aims to put a stop to a fast-growing area of online fraud – online dating scams – by forcing cybercriminals to prove they are who they say they are.

Artificial intelligence firm claims to have “cracked” CAPTCHAS

An American artificial intelligence company claims to have “cracked” CAPTCHAs – the standard word tests used to tell humans and computers apart online. A program designed by Vicarious can break standard CAPTCHAs with 90% accuracy, Vicarious claims.

Rebuffed! Social site Buffer fights off onslaught of fruity weight-loss spam

An invasion of fruity posts offering miraculous weight loss flooded Facebook and Twitter accounts linked to the social sharing app Buffer – appearing on official accounts for companies such as Brussels Airlines and Startup Genome.

Cyberattack in Israel “shuts down” road for hours

Attackers used a Trojan program to target a security camera system in the Carmel Tunnels toll road in Haifa, shutting down the road for hours, and causing “hundreds of thousands of dollars” in damage.

The Preliminary NIST Cybersecurity Framework published and Workshop #5 scheduled

The newly published Preliminary Cybersecurity Framework from NIST, part of the federal effort to help critical infrastructure owners and operators reduce cybersecurity risks, is now available for review, with some interesting new language and a final workshop scheduled for November.

Cost Of Cyber Attacks Still Rising

The amount of money it costs when security is breached can really add up. Stephen Cobb explains.

PHP site WAS serving malicious code, owners admit after Google raises red flag

When Google’s Safe Browsing service said that programming site PHP.net was hosting and serving malware, it sparked furious discussion – but the site investigated, and has since admitted a Javascript attack, and moved to “clean” servers.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
our experts

Rob Waugh

Graham Cluley

David Harley

Lysa Myers

Robert Lipovsky

Aryeh Goretsky

Stephen Cobb

Bruce Burrell

Sébastien Duquette

Oh Sieng Chye

Copyright © 2014 ESET, All Rights Reserved.