tag
Microsoft

Keylogging taken seriously: Security upgrades in the new Hotmail

Microsoft Hotmail has a new feature: Out of Band Authentication via cell phone SMS Text. They call it ‘single-use codes’: Single-use codes This new security feature is designed to further protect you when you sign in from a public computer, such as those found in internet cafés, airports, and coffee shops. When you request a

Consecuencias de la Operación Aurora: ¿Google dejará de utilizar Microsoft?

Durante el día de ayer cientos de sitios web y redes sociales publicaron y comentaron una noticia que involucra a dos de las empresas tecnológicas más importantes del mundo: Google abandonaría Windows como Sistema Operativo. La noticia original fue la publicada por el Financial Times donde se afirma entre otras cosas (y en traducción libre):

Please do not change your password – The Boston Globe

I find it hard to not be shocked at a headline like this… Then I remembered the recent top cybercrime city survey conducted by one of our competing software vendors which had Boston ranked the SECOND HIGHEST risk city in the entire United States. I’m also not one to simply lie down and let cybercriminals

Vulnerabilidad 0-Day crítica en Microsoft Internet Explorer

Se ha descubierto que una nueva vulnerabilidad del tipo 0-day (identificada por MITRE como CVE-2010-0806) está circulando in-the-wild en Internet. Microsoft ha confirmado la vulnerabilidad 981374 y ha dicho que se encuentra trabajando en la solución. La vulnerabilidad hace uso de “use-after-free” (puntero de referencia inválida) en la librería iepeers.dll y afecta a las versiones

Patchwork for the Home and the Enterprise

SC Magazine's Dan Raywood reports that "To be completely patched requires an average of between 51 and 86 actions per year", quoting findings by Secunia that " in order for the typical home user to stay fully patched, an average of 75 patches from 22 different vendors need to be installed, requiring the user to

The Biggest Botnet in the World

You may have seen the news about the bot masters in Spain who were arrested. Defense Intelligence http://defintel.com/docs/Mariposa_Analysis.pdf dubbed this Mariposa botnet. It is claimed that this botnet had the power to perform much stronger attacks than what Estonia witnessed a couple of years ago.  Still, this botnet is dwarfed by the largest botnet in

Fake Conficker Alerts

Urban Schrott, IT Security & Cybercrime Analyst at ESET Ireland, reports seeing more e-mail pretending to be from Microsoft is circulating, "warning" computer users that "Conflicker" is again spreading rapidly. ESET's ThreatSense engine identifies the malware as Win32/Kryptik.CLU trojan, and running it would result in further malware infections. Here's an example Urban quotes of one

Microsoft y BMW utilizados para propagar Scam

En los últimos días hemos detectado amplia actividad en la propagación de ataques de scam, que particularmente utilizan los nombres de grandes marcas, como Microsoft y BMW, para engañar al usuario. En el caso de la empresa creadora de Windows, su nombre es utilizado para el envío de correos electrónicos indicando a los usuarios sobre

Falsos correos de Microsoft propagan malware

Esta semana han sido reportados distintos casos de propagación de malware con un factor común: la utilización de falsos correos de Microsoft como técnica de Ingeniería Social para llevar a cabo el ataque. A comienzos de semana, el blog de seguridad de ZDNet publicó el alerta sobre falsos correos de Microsoft, que alertaban a los

Fake Windows Update

[Update: I notice that at about the same time that I posted this, Sophos also flagged a blog reporting a somewhat similar fake update for Microsoft Outlook/Outlook Express (KB910721). The message is a lot different and links to a different site pretending to be Microsoft’s update site, but is clearly not to be trusted. So the

Falsas actualizaciones de Microsoft, infectan usuarios

En el día de la fecha hemos recibido una alta tasa de correos que simulan provenir de Microsoft y que mencionan una supuesta actualización de Live Messenger (correo en español) y otra de Windows (correo en inglés): En realidad lo que menciona el correo es falso ya que es fundamental conocer que Microsoft lanza sus

September’s Global Threat Report

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number

SSL: to certify web security is not to guarantee it

Hard on the heels of the translated blog by Sebastián Bortnik that I posted at the weekend comes news from the Register (http://www.theregister.co.uk/2009/10/05/fraudulent_paypay_certificate_published/) of a bogus Paypal SSL certificate released yesterday exploiting a bug in Microsoft’s crypto API that has remained unpatched for more than two months, when Moxie Marlinspike (can I have a handle

Exploit público para vulnerabilidad de Microsoft

El 8 de Septiembre Microsoft publicó al alerta de seguridad 975497, donde se describe una vulnerabilidad en el protocolo SMB (Server Message Block) de los sistemas Microsoft Windows. Las versiones afectadas son Windows Vista, Windows Server 2008 y Windows 7 RC. El parche aún no está disponible, y se espera que el mismo esté disponible

Crisis? What Crisis?

In the AV industry, we’re not unaccustomed to security scare stories met with a debunking response. For example, Peter Norton was quoted in 1988 in Insight as saying that computer viruses were an urban myth, like the alligators supposed to inhabit the sewers of New York. (He did change his mind around 1990 when he gave

ThreatSense.Net® Report for July

Our July ThreatSense.Net® report has been released today, and will eventually be available from the Threat Center page here. Most of the top ten entries are old friends: well, familiar names might be a better way of putting it. One of the disadvantages of having a scanner that makes heavy use of advanced heuristics is

Adobe Updates

I’d like to call your attention (again) to a major Adobe bulletin that was released yesterday (actually, still today, if you’re far enough behind GMT, but I’m sitting just a train ride away from Greenwich, UK). In brief, the bulletin concerns the following CVE (Common Vulnerabilities and Exposures) issues: CVE-2009-1862 CVE-2009-0901 CVE-2009-2395 CVE-2009-2493 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865

Fly By Wireless

No, nothing to do with drive-by downloads… Our colleagues in Europe came up with a nice idea: an article on the dangers of web surfing on free wi-fi and some tips on staying safe. (A topic dear to the hearts of all of us who find ourselves out and about with our laptops from time

Patchwork

I’ve been up to my ears in travelling and AMTSO and had limited connectivity over the last week, but even I noticed that a lot of patching issues have risen to the surface in the past few days. In case some of this has passed you by, here are a few of the more prominent

June ThreatSense Report

We’ve just finished working on our monthly Threat Report. There aren’t many surprises in the top ten threats for June. Conficker has taken over the "top spot", relegating INF/Autorun to second place. It’s difficult to say for sure what the significance is, given the relatively small percentage point involved: minor fluctuations in proportions from month

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.