Since yesterday’s Much Ado About Facebook post in the ESET Threat Blog, we have written additional articles, received a few comments, and also received updated information on the “threat,” so it seems that now is a good time for a follow-up article.  Reports continue to come in of pornographic and violent imagery on Facebook, and

Recently, a new data-stealing worm caught our attention. The reason why it stands out from many similar amateur creations is that its author is most probably Czech, as the text strings, variable and function names used by the malware suggest. The Czech text above is displayed by the worm inside a console window and translates

Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer

…The NYT article strikes me as being well-researched, well-written, and well worth reading, and the involvement of Dimona is more plausible than much of the speculation I’ve seen, but it’s still hard to distinguish hard fact from sheer guesswork…

A recent story http://www.telegraph.co.uk/news/worldnews/northamerica/usa/8180442/FBI-warns-Barbie-camera-could-be-used-by-paedophiles.html tells of a leaked FBI memo about the perils of a new Barbie doll. It appears that the new Barbie comes equipped with a web cam that can allow children to send videos of themselves across the net. The FBI, rightfully so, worries that this may be a weapon of pedophiles

The hot news http://blog.eset.com/2010/07/17/windows-shellshocked-or-why-win32stuxnet-sux is of a zero-day vulnerability that has been used to attack SCADA systems. This comes hot on the heels of an article on the Wired web site titled “Hacking the Electric Grid – You and What Army” http://www.wired.com/dangerroom/2010/07/hacking-the-electric-grid-you-and-what-army/. So clearly Wired had already predicted the origins, at least vaguely, of Win32/Stuxnet.

…But that doesn’t mean that this particular attack is going to vanish any time soon, AV detection notwithstanding. Now that particular vulnerability is known, it’s certainly going to be exploited by other parties, at least until Microsoft produce an effective fix for it, and it will affect some end users long after that…

In May it was reported that IBM handed out some USB drives that were infected. A month later I spoke at a security conference that I will not name. I gave the AV (audio/visual) technician a USB key with my presentation on it to copy to the laptop they were using for the presentations. About

USB thumb drives, such as those pictured below from www.promotionalpro.com, are very popular marketing item, but oftentimes people are not aware of the digital risks these devices can present. In recent years many USB devices have been sold or given way only to be found to be pre-infected from the factory. At a recent security