tag
SC Magazine

Comment Spam: what’s in a name?

…I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog…

Hacktivism: not a get-out-of-jail card?

What we’re lacking here is a clear differentiation between types of “hacktivist” or, indeed, “activist”: much of the commentary that’s around at the moment seems to assume that all hacktivists are the same.

The Next Stuxnet

…the ‘next Stuxnet’ probably won’t be any such thing, whatever we may choose to call it…

Why the IMF breach?

In the absence of any detailed information from the IMF itself, it’s not surprising that most of the surmise around the attack is based on internal IMF memos quoted by Bloomberg, and much of it is rather tenuous.

Passwords, passphrases and past caring

First: a link to another article  for SC Magazine's Cybercrime Corner on password issues: Good passwords are no joke. However good your password is, your privacy still depends on rational implementation by the service provider. Also, one of the articles that sparked off that particular post: ESET Ireland's excellent blog post on a survey carried

Boys will be boys…

…whatever the hacker community’s personal taste is in games and consoles, gamers are a tempting target…

More Cybercrime Corner articles

Recent additions to SCMagazine's Cybercrime Corner blog include: "Password strategies: Who goes there?" by David Harley, May 23, 2011 Password selection usually involves compromise, but even a short password can be reasonably strong and still memorable. This follows up at some length on a previous ESET blog by Paul Laudanski. "Fighting cybercrime" by Randy Abrams,

Cybercrime corner

… I haven’t recently posted any pointers to our content on SC Magazine’s Cybercrime Corner, and now might be a good time to recap on what Randy and I have been posting there this month (so far…) …

EICAR Schnapps-Shot

Well, the EICAR conference earlier this month was in Krems, in Austria, where I hear that they're not averse to the occasional brandy, but I was actually perfectly sober when I delivered my paper on Security Software & Rogue Economics: New Technology or New Marketing? (The full abstract is available at the same URL.) To conform with EICAR's

AV Numbers Game

…I would suggest that you take any statement like “Grottyscan AntiVirus is best because it detects 200 million viruses” with a pinch of salt. Actually, a whole salt mine…

CIPAV Spyware: Hiding in Plain Sight?

CIPAV, the "Computer and Internet Protocol Address Verifier" spyware apparently used by the FBI to monitor activity on the computers of suspects, may not seem the hottest news item around: in fact, my friend and former colleague Craig Johnston and I put together a paper – Please Police Me - on the issues involved with policeware versus

Spearphishing APT-itude Test

My latest blog for SC Magazine's Cybercrime Corner looked at the recent APT (Advanced Persistent Threat) attack on RSA, in the light of Uri Rivner's blog on the implementation of the attack.  Unfortunately, the exact nature of the target and damage remains somewhat obscure, so while I certainly consider Rivner's blog worth reading, I also found myself

SC Magazine: Cybercrime Corner

You may not be aware that ESET writers have been supplying blogs to SC Magazine for a while now. Recently, Randy Abrams and I were drafted in after the original contributors moved on, and we started contributing this week: Poachers and Gamekeepers considers whether there is a conflict of interest when AV companies work with

Stuxnet, cyberwar, cybersabotage, blah…

While most of the recent media interest in Stuxnet has centred on the New York Times story, there’s been some thoughtful research published that considers it as just one aspect of larger issues: cyberwarfare, cyberespionage, cybersabotage and so on.

Added to Stuxnet resources page

Tony Dyhouse writes in SC Magazine about the political implications for the security community of the Stuxnet and Wikileaks incidents. The link has also been added to the Stuxnet resources post at /2011/01/03/stuxnet-information-and-resources/5731 on 14th January 2011.. David Harley CITP FBCS CISSP

NHS Security: a Retrospective View

…While there are those who think that I’ve been in the anti-virus industry since mammoths roamed the Surrey hills, most of my computing career has actually been in medical informatics, though as you might expect from what I do now, documentation, security and systems/user support played a large part most of that time….

Win32/Stuxnet: more news and resources

Perhaps you're getting as tired of this thing as I am (though with the information still coming in, I'm not going to be finished with this issue for a good while, I suspect).  But without wishing to hype, I figure it's worth adding links to some further resources. There's a very useful comment by Jake

There’s Passwording and there’s Security

Kim Zetter’s article for Wired tells us that “SCADA System’s Hard-Coded Password Circulated Online for Years” – see the article at http://www.wired.com/threatlevel/2010/07/siemens-scada/#ixzz0uFbTTpM0 for a classic description of how a password can have little or no value as a security measure. Zetter quotes Lenny Zeltser of SANS as saying that ““…anti-virus tools’ ability to detect generic versions of

Macs, smartphones, security, the universe…

Wearing my vendor-independent Apple/smartphone commentary hat, I've just posted a couple of blogs on the Mac Virus site that some of you might find of interest. OK, suit yourselves. ;-) "Touching (or Bumping) Base" addresses a mixed bag of issues: Charlie Miller's presentation on fuzzing for "20 zero-day holes … in closed source Apple products"

Patchwork for the Home and the Enterprise

SC Magazine's Dan Raywood reports that "To be completely patched requires an average of between 51 and 86 actions per year", quoting findings by Secunia that " in order for the typical home user to stay fully patched, an average of 75 patches from 22 different vendors need to be installed, requiring the user to

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

4 articles related to:
Hot Topic
07 Aug 2011
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.