...Somewhere in this welter of misinformation, well-meant but muddled thinking, and black propaganda, there are some issues that need clarifying... Watch this space for further information. And while you're waiting, you might want to check the documentation and other resources at the AMTSO web site to see what the organization really proposes and what it is really trying to achieve...
Archives - June 2010
...time to share it here: not only for its insights into the Latin American crimeware scene, but even more so as a neat summary of the way in which global crimeware is distributed regionally...
...Aleksandr Matrosov, Senior Virus Researcher, & Eugene Rodionov, Rootkit Analyst, ... have allowed us to share a long and comprehensive report on the TLD3 rootkit...
Today as I filled up, I noticed that they changed my BP / Arco pump kiosk’s payment instructions, probably as a result of the Hotea Arco skimming case a few years back. With the recent commentary on skimming David Harley provided, I thought a picture of anti-skimming advice might speak a thousand words – or
Further to my last blog here, it seems that I've been missing some serious fake AV telephone scam action. Some links provided by my good friend Steve B. Nice one, Steve. :) ALERT: metsupport.com – yet another telephone based fraud (aka SupportOnClick revisited – again) http://hphosts.blogspot.com/2010/06/alert-metsupportcom-yet-another.html techonsupport.com, click4rescue.com, pcrescueworld.com: SupportOnClick revisited http://hphosts.blogspot.com/2009/12/techonsupportcom-click4rescuecom.html SupportOnClick: Phoned by
The individual concerned had received a phone call from someone claiming to be from Microsoft, and informing him that notification had been received concerning a virus infection on his PC, and offering to help him to install antivirus software. When asked what antivirus software was being offered, the caller claimed that it was ESET's.
Regrettably, pretty much anything could happen to your credit card while it's out of your sight. However, the "ATM Card Skimming and PIN capturing Awareness Guide", while it can't cover every possible permutation of illicit additives to your friendly local ATM, does at least offer some guidance as to what to look for.
I recently came across a few videos on YouTube where TV stations did undercover investigations for computer repair work. It is amazing how often a non-existent virus gets blamed for problems. If you ever need computer repair work done and you are not real tech savvy, it pays to get referrals and if the cost
The attacks from cybercriminals are now occurring in the online stock and equity trading world. Instead of simply emptying out compromised brokerage accounts, cybercriminals apparently are refining their attacks and striking at broader and more lofty goals: the trust mechanisms of business equity valuations with publicly traded stocks and equities. George Hulme, InformationWeek contributing writer
Recently ESET held a partner’s conference in Cyprus. As I was walking down the Street in Cyprus I saw the following sign: Hey, what a deal!!! Free internet access AND a laptop to use while you are there!!! So, I did the respectable thing. I ordered a beer in addition to asking if I
Further to my "top ten of top tens" post, I was encouraged by some queries to revisit the “Top Ten Mistakes Made When Evaluating Anti-Malware Software” list quoted by Kevin Townsend here. As it was an AMTSO issue and most of the queries have related to an AMTSO blog post, I've returned to it (and
Here's another post from our colleagues in Spain (http://www.eset.es): mistakes in interpretation are down to me (David Harley). We have frequently talked about and shown examples of threats that take advantage of Black-Hat SEO (Search Engine Optimization). This technique (BHSEO) is used by malware authors to position the malicious links in the top results when a potential
Apple Insider has reported that Apple has silently added rudimentary protection for a threat that they call HellRTS. Our own David Harley has blogged about this at http://macviruscom.wordpress.com/2010/06/18/apples-covert-anti-malware-ops/. At the same time that Apple tries to fool users into thinking that malware doesn’t run on Macs, Apple is very slowly beginning to add very basic
My colleague Josep Albors flagged this issue on the Ontinet blog a little earlier today. I've flagged it here as it's likely that there are similar messages carrying the same malware circulating in languages other than Spanish.
Well, not exactly, though actually a top ten of top tens isn't a bad idea: apparently, top tens usually attract plenty of readers. As do top fives. twenties etc, though probably not top thirteens. Security Memes a Lot to Me Still, there is a touch of recursion to this post. I got a notification from
Microsoft Hotmail has a new feature: Out of Band Authentication via cell phone SMS Text. They call it ‘single-use codes’: Single-use codes This new security feature is designed to further protect you when you sign in from a public computer, such as those found in internet cafés, airports, and coffee shops. When you request a
Ginny Lee, CIO at Intuit stated: Our preliminary investigation indicates the outage occurred during a routine maintenance procedure Tuesday night. An accidental power failure during that procedure affected both our primary and backup systems, taking a number of Intuit websites and services offline. While power was quickly restored, we’re working diligently to validate our systems
For more than 24 hours Intuit has been offline. Intuit is a financial services company that provides the products TurboTax, Quicken and the QuickBooks accounting program. According to the Wall Street Journal Intuit has ruled out a cyber attack, however, the duration of the outage would tend to indicate a security breach. It is quite
I was greeted with the most charming email this morning. A young lady is so impressed with me that she wants to share our heart's desires. Take a look… she sent it in two languages to make sure I would understand her. Ahh, but then I checked out who the email was sent to… It