Passwords “are starting to fail us”, says PayPal security chief

“Passwords are starting to fail us when used everywhere at internet scale,” said PayPal’s Chief Information Security Officer Michael Barrett at this week’s Interop expo in Las Vegas.

Name.com resets passwords after security breach

Domain name registrar and web hosting company Name.com has been hit by a security breach.

Group of senators propose new law to battle cyber theft

A proposed new law, the Deter Cyber Theft Act, would help defend U.S. companies against data theft and computer espionage by foreign interests, a bipartisan group of senators said this week.

China accuses U.S. of being “the real hacking empire” after Pentagon report

China has accused the United States of being, “the real hacking empire” after a Pentagon report which said for the first time that cyber attacks on the U.S. were “directly attributable” to Beijing.

Watering hole attack on Dept. of Labor site “exploited new IE8 vulnerability”

A “watering hole” attack on pages within the U.S. Department of Labor site exploited a “zero-day” vulnerability in Internet Explorer 8 to deliver malware to visitors, according to reports.

Linux/Cdorked.A malware: Lighttpd and nginx web servers also affected

Some 400 web servers found infected with Linux/Cdorked.A. including 50 in Alexa’s top 100,000 websites. And this backdoor has been applied to Lighttpd and nginx binaries in addition to Apache.

China is behind “numerous” attacks on U.S. computer systems, says Pentagon

The Chinese government and military are behind large numbers of cyberespionage attacks directed at U.S. government computer systems, according to a Pentagon report released this week.

Support scam cold-calling: the next generation

Stop me if you’ve heard this before… While I was in London recently for the InfoSec exhibition and some other meetings, my wife received a call from a lady with a heavy Indian accent, who told her that she had errors on her computer caused by viruses, and offering to remove them for her. For a fee, of course…

ESET Smart Security wins Product of the Year from Poland’s CHIP magazine

Poland’s influential CHIP technology magazine has awarded ESET Smart Security the top prize in its antivirus products category this year.

Fake Justin Bieber “I’m gay” Tweet marks latest attack on media Twitter accounts

Celebrity news service E! Online became the latest high-profile media Twitter account to fall victim to hackers, with a series of false Tweets that began with a claim that Justin Bieber was gay.

Linux Apache malware: Why it matters to you and your business

This comprehensive look at the problems of malware on Linux Apache web servers explains the threats to business and helps you figure out if your organization is likely to be affected.

New “Trusted Contacts” feature will let hacked Facebook users back in

The new feature allows users to log in even if they have also lost access to their email account and cannot initiate a password reset.

Parents need to teach pre-school children to use the internet safely

Pre-school children should learn to get to grips with technology and its problems, argues David Harley, ESET Senior Research Fellow.

The stealthiness of Linux/Cdorked: a clarification

We clarify that the Linux/Cdorked backdoor malware leaves no traces on the hard drive “other than its modified httpd binary” which can be scanned for detection in several ways.

More than 90% of passwords are vulnerable to hacks, warns Deloitte – even “strong” ones

Even passwords considered “strong” by IT departments are often now vulnerable to hacking, according to professional services firm Deloitte. The firm predicts that 90% of user generated passwords will be vulnerable to hacking this year.

PC game service admits to serving up Bitcoin-mining malware

Users of popular PC gaming service ESEA have discovered that their PCs have been hijacked to mine Bitcoins by malware served up alongside the company’s client. A hidden Bitcoin-mining process caused users’ graphics cards to overheat as it worked in the background.

Mysterious Avatar rootkit with API, SDK, and Yahoo Groups for C&C communication

The mysterious Avatar rootkit, detected by ESET as Win32/Rootkit.Avatar, appears to reflect a heavy investment in code development, with an API and a SDK available, plus an interesting abuse of Yahoo Groups for C&C communications.

Wireless carriers put customers at risk by failing to patch Android, says civil liberties group

Wireless carriers Verizon, AT&T, Sprint and T-Mobile are putting customers at risk by failing to fix well-known security vulnerabilities on Android phones, according to the American Civil Liberties Union (ACLU).

Twitter blames spear-phishing for recent hacks – and warns news companies to expect more

Twitter has warned media companies that attacks on their official Twitter accounts are liable to continue, after Britain’s Guardian newspaper became the latest high-profile news site to fall victim.

Password warning after details for 50 million users leak in LivingSocial hack

Daily deals site LivingSocial has become the latest high-profile site to fall victim to hackers, after an attack accessed information for 50 million accounts last week.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
our experts

David Harley

Graham Cluley

Rob Waugh

Stephen Cobb

Olivier Bilodeau

Aryeh Goretsky

Lysa Myers

Benjamin Vanheuverzwijn

Pierre-Marc Bureau

Righard Zwienenberg

Robert Lipovsky

Guest Writer

Cameron Camp

Marc-Etienne M.Léveillé

Joan Calvet

Jean-Ian Boutin

Pablo Ramos

Andrew Lee

Sebastián Bortnik

Peter Stancik

Copyright © 2014 ESET, All Rights Reserved.