As written in our “Password management for non-obvious accounts” blog post on February 22, the FBI confiscated the DNS Servers used by the DNS Changer malware and replaced them with different servers so that infected users would not be left without internet right away. Initially these replacement DNS Servers were to be taken offline on
A continuation on: Time to check your DNS settings? After 7 March 2012, lots of people potentially can be hit as their systems are infected by a DNS Changer. Several government-CERTs have already warned their users. Rather than using the ISP’s DNS Servers, the malware has changed the settings to use DNS Servers controlled by
Tomorrow, on January 18, 2012, dozens of popular websites covering a diverse range of subjects will be blacking out their home pages in protest of the U.S. Stop Online Piracy Act (SOPA). Some of these websites are well-known, such as the English language web site for the encyclopedic Wikipedia and quirky news site Boing Boing,
SOPA as currently constructed can never work as intended. I'm not going to get into the reasons we don't like it because of its oppressive implications or because it is against our first amendment rights nor for any other reason (there's been so much other commentary on those issues that it would be superfluous). I
An article at Help Net Security by Zeljka Zorz describes malware written in Visual BASIC which masquerades as legitimate updates DeepFreeze, Java, Windows, Adobe Reader, and other legitimate applications. Zeljka says: "They have the same icon and version details, and can fool regular users and experts alike…it opens the DHCP client, the DNS client, Network share
[Part 9 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series is now available as a white paper at http://www.eset.com/download/whitepapers.php.] Be Wireless, not Careless Don’t connect to just any “free Wi-Fi” access point: it might alter your DNS queries or be the “evil twin” of
ICANN’s Fast Flux Working Group recently announced an Initial Report. In fact, it also offered a 20 day window for submitting comments on the report, but I missed that, as I was travelling and didn’t read that particular email. Perhaps you did better, in which case you probably won’t be much interested in this blog.