Campaña de infección utilizando la bomba en Moscú como excusa

Desde el Laboratorio de Análisis e Investigación de ESET Latinoamérica hemos detectado una importante campaña de infección a través de la red de microblogging Twitter y buscadores, mediante la cual se intenta propagar distintos códigos maliciosos. En el primer caso, la estrategia consiste en utilizar perfiles maliciosos de Twitter para publicar direcciones web supuestamente relacionadas

A Bit More on PleaseRobMe

Yesterday I recorded a podcast for The Malware Report with guest Ira Victor of Data Clone Labs Inc. Ira also co-hosts the radio show “The Cyber Jungle” which you can find at www.thecyberjungle.com. The podcast should be up in the next week or so. During the show Ira mentioned the website http://www.PleaseRobMe.com. This site takes


We seem to have pointed out rather often recently that giving away lots of information on Facebook, Twitter and other social network sites isn't a good idea. PleaseRobMe claims, somewhat amusingly, to be a resource for burglars, saving them the trouble of searching through Twitter and Foursquare for information on whose house is currently unoccupied. In

Ten Ways to Dodge Cyber-Bullets (Part 6)

[Part 6 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Social Networks Can Be Very Anti-Social Don’t disclose sensitive information on websites like FaceBook or LinkedIn if you can’t be sure that you

Twitter and I

I just received another request to follow me on Twitter on a protected account, so perhaps it's time I clarified what all those accounts that are and aren't in my signature are for. @dharleyatESET is a protected account largely for work purposes.  I only accept requests to follow from people who really need to know

Nice Smartphone, Mr. Darcy: Fact, Fiction & the Internet

OK, I'll save the novel for another time. However, there's a rather less ambitious snippet of my recent writing at http://www.eurograduate.com/article.asp?id=3015&pid=1, an article called "Fact, Fiction and the Internet," and, further to some of my recent posts here, touches on the dangers of social networking. Though you might think that someone with as many twitter

Falso Twitter con el mensaje "hi. this you?? LOL."

Hace instantes hemos encontrado decenas de Twit con el mensaje “hi. this you?? LOL.” y con un enlace que dirige al usuario a un sitio falso de Twitter que solicita las credenciales de login: Por supuesto se trata de un caso de phishing a través de Twitter y con el objetivo claro de robar usuarios

Shortened URLs

Now here's a useful link (thanks to Mikko Hypponen for the tweet that brought it to my attention). I've made the point several times here about being cautious about URLs shortened by bit.ly, tinyurl and the many others. Which is why when I flag our blogs and papers on twitter, I normally use tinyURL or

Spam en Twitter

En el día de hoy hemos hallado una gran cantidad de mensajes similares en Twitter promocionando sitios fraudulentos sobre trabajos en línea y productos farmacéuticos. Los mensajes y dominios promocionados se pueden ver en la siguiente captura: Todos los usuarios que promocionan estos trabajos falsos han sido recientemente creados y todos ellos tienen pocos seguidores

Another Twitter Security Problem

As reported at http://www.eweek.com/c/a/Security/Twitter-XSS-Vulnerability-Still-Wide-Open-Developer-Says-433005/, a researcher has found a cross site scripting vulnerability that affects Twitter. The researcher claims that by exploiting this he could gain access to the Twitter accounts of anyone who views his specially crafted tweets. The explanation of the problem is a bit techie, but there is a very key point

Armor for Social Butterflies

I was speaking with our friend David Perry at Trend Micro about the insecurity of social networking services and what steps users could take to strengthen their security online. In the course of our conversation, we came up with a list of simple steps you could take to better protect yourselves. Be careful about whom you

Reporte de amenazas de Agosto

Durante el mes de Agosto se ha producido un importante caudal de incidentes en materia de malware del cual destacamos, a continuación, los de mayor repercusión entre los usuarios: Durante los primeros días del mes, los atacantes focalizaron sus esfuerzos contra una de las redes sociales de microblogging más populares: Twitter, transformándola en el blanco

Ataque de phishing a Twitter

Los ataques de phishing son muy comunes y no se limitan solamente a la obtención de información de índole financiera, motivo por el cual hace un tiempo atrás era muy habitual encontrar clonaciones de sitios web de entidades bancarias, sino que entran en el juego de los atacantes cualquier sitio web que ofrezca servicios y

A Motivation for the Twitter Attack?

Some people are speculating that the motivation for the Twitter attack was to try to silence one person. There are really good signs that the attack against an individual was what took down Twitter, but still we really don’t know. I speculated that it might be a show of force to try to sell botnet

Who Flipped the Bird?

As I write this, Twitter, the popular social networking site is experiencing a distributed denial of service attack. I do not know where the attacks are originating from, or the reason, but it occurs to me there may be hell to pay. So what motives? Perhaps the bad guys are upset that Twitter has recently

Shorteners/Redirectors: short of ideas

We’ve been having some discussion internally about shortened URLs, with specific reference to pointing to web resources on Twitter, where you can’t actually avoid using shortened URLs, because an uncompressed URL is automatically shortened using bit.ly. You may remember that I discussed these issues before here, The main problem, of course, is that it’s all too

ThreatSense.Net® Report for July

Our July ThreatSense.Net® report has been released today, and will eventually be available from the Threat Center page here. Most of the top ten entries are old friends: well, familiar names might be a better way of putting it. One of the disadvantages of having a scanner that makes heavy use of advanced heuristics is

Compressed URLs & Twitter

The Research team in San Diego has several Twitter accounts that we use, both to follow other people and to keep people who follow us informed about hopefully useful stuff like blogs and new papers. http://twitter.com/esetresearch is the official team Twitter account, but we also post stuff to http://twitter.com/ESETLLC and http://twitter.com/ESETblog, which have more followers at

Nothin’ tweet about me

I’m still getting the occasional request to follow on my most obscure Twitter account, which is protected (meaning that I have to approve requests to follow me on there). Sorry, but if I don’t know who you are, you won’t get approved on that one. Even if I do know who you are, you won’t

Facebook: Computeracy by Degrees

When I first went to university at the end of the 1960s (yes, I really am that old, though not quite old enough to be of that generation that only remembers that decade through a haze of psychedelic phenomena), my choice of social sciences was regarded as somewhat fluffy. It was the age of "the

Follow Us

Sign up to our newsletter

The latest security news direct to your inbox

26 articles related to:
Hot Topic
ESET Virus Radar


Select month
Copyright © 2015 ESET, All Rights Reserved.