tag
Graham Cluley

Anyone want to know my Social Security Number?

Your home may be your castle, but on social networks, your friends are your perimeter. Will they enclose and protect your personal data?

Support Scam: Old Racket Still in Service

One of the support scam sites used to mislead victims may be down, but the scam definitely isn’t about to go away.

Facebook Christmas Tree Virus: it’s Still a Hoax

“Old hoaxes never die”: last year’s Christmas Tree App Facebook “virus” warning is circulating again.

Hacktivism: not a get-out-of-jail card?

What we’re lacking here is a clear differentiation between types of “hacktivist” or, indeed, “activist”: much of the commentary that’s around at the moment seems to assume that all hacktivists are the same.

Hacking by Proxy

The BBC program Panorama last night investigated claims that the News of the World hired a hacker to break into a subject's PC to steal emails. In fact, it appears that the unnamed hacker installed a Trojan on the victim's PC. Which sounds like a fairly unequivocal breach of the Computer Misuse Act, which outlaws

Public Access PCs Booby-Trapped

…keyloggers were found to have been attached to PCs used by members of the public…

Supertrojan Supersighs Me

Zeus-associated malware (and that includes SpyEye and “SpyZeuS”) isn’t supernaturally difficult to detect. It is, however, pretty adaptive and has introduced, from time to time, some innovative counter-detection techniques.

ROFLing Around The Christmas Tree*

…conceptually there is a direct line of succession from this worm to the social engineering worm/Trojan hybrids of the early noughties. Clearly, the line continues through to the social network malware (real and memetic) of today…

Virus Bulletin Seminar

Our friends at Virus Bulletin are hosting a seminar later this month … organized by the security-knowledgeable but vendor-agnostic magazine whose annual conference is one of the major highlights of an anti-malware researcher’s year.

Anaconda, or a Monty Python sketch?

…you might wonder how a South American snake came to swallow an African mammal in the first place. (Don’t bother with the jokes about zoo viruses. I got there first.)

Icelandic 419, Smoke, Ashes, and Mirrors

I've just blogged at a site that specializes in chainletter-related spam and scams about a 419-type spam  that masquerades as an email from the non-existent Frank Adam at the Civil Aviation Authority.,It's aimed at people whose air travel was disrupted by the Icelandic volcano, specifically those who found themselves stranded somewhere on mainland Europe. However, I thought

McAfee and SEO poisoning: there but for the grace…

ESET is not going to try to capitalize on McAfee's unfortunate false positive problem (and nor, I'm sure, is any other reputable vendor). Such problems can arise for any AV vendor: it's an inevitable risk when you're trying to walk the line between the best possible detection of threats and avoidance of false detections (someone please

Dumb or Devilish? You Decide…

[Update: so far I have two votes for dumb. Maybe I'm giving this spammer too much credit, and it is a simple "spam template fail" ;-) On the other hand, while I wouldn't vote "evil genius", I'd still love to know how many people actually fall for this - I don't have a problem envisaging

Top Ten Trite Security Predictions

1. Every security blogger in the world will mark the transition from 2009 to 2010 with at least one top ten something-or-other article. Except me, of course.  2. There will be headlines about the death of anti-virus, and a famous security guru will state that anti-malware only catches malware that's already been identified and analysed, that

Hacker tool exploits vulnerability in jailbroken iPhones

I don't really want to keep banging on about jailbroken iPhones when there are threats out there that affect many more people (though according to Intego, 6-8% of iPhones are, in fact, jailbroken, so I don't want to minimize the threat either). I'm quoting Intego because they've just blogged (http://blog.intego.com/2009/11/11/intego-security-memo-hacker-tool-copies-personal-info-from-iphones/) what I think is a

Adobe Updates

I’d like to call your attention (again) to a major Adobe bulletin that was released yesterday (actually, still today, if you’re far enough behind GMT, but I’m sitting just a train ride away from Greenwich, UK). In brief, the bulletin concerns the following CVE (Common Vulnerabilities and Exposures) issues: CVE-2009-1862 CVE-2009-0901 CVE-2009-2395 CVE-2009-2493 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865

BBC television – have they got the picture yet?

The BBC published a self-justification of sorts over the Click fiasco on Friday 13th March: when I came upon it the following morning, I posted a comment there, pointing out Mark Perrow had addressed the issues this industry hadn’t complained about, and ignored the issues that we were concerned about. My comment is number 14,

TinyURL: the Tiny Terror

The Register today ran a story about the phishing attack spread by the Google Talk instant messaging system, which uses TinyURL to conceal the real name of the link. John Leyden’s story (quoting Graham Cluley at some length) makes several good points about reducing your exposure to the threat, and Graham’s blog makes some more.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
28 Aug 2014
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.