Yesterday I reported that Samsung laptops were infected with a keystroke logger. This certainly appeared to be the case as a Samsung supervisor reportedly confirmed (http://www.networkworld.com/newsletters/sec/2011/040411sec1.html) that Samsung shipped infected laptops. Samsung has since indicated that this is not the case. This incident has some very important lessons. My entire information supply was polluted and
A number of organizations dedicated to online hosting have launched an interesting initiative by naming this day, March 31th, World Backup Day. Who hasn’t ever lost a USB device and has regretted not having a backup? Who hasn’t experienced the death of a hard drive only to lose information that won’t ever be able to
In Giving the cybercriminals a helping hand, Randy Abrams discusses how most Facebook app developers are making session hijacking too easy for the cybercriminals. In A tsunami is also a crime wave I talk about the range of cybercrimes that have come out of the Japan earthquakes and tsunami. And in Supporters Club I return to
After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions,
[Final Update… I think – THERE WAS NO KEYSTROKE LOGGER please see https://www.welivesecurity.com/2011/03/31/samsung-and-i-got-bit-by-a-vipre to find out what happened.] [Update – There will be a new blog about this incident. I relied upon the information at http://www.networkworld.com/newsletters/sec/2011/040411sec1.html that Samsung had confirmed the presence of the keystroke logger in asserting that the laprops were infected. Since then
It appears that the group behind the Win32/Swizzor malware family has put an end to their operation. This malware family has been around since 2002. Security companies have seen hundreds of thousands of unique binaries classified as this family, which was installed on PCs through "affiliate" programs. The malware is used to display unsolicited advertisements
Win32/Olmarik (also known as TDSS, TDL, Alureon and sundry less complimentary names) has gone through some interesting evolutions in the last couple of years. TDL4 is no exception, with its ability to load its kernel-mode driver on systems with an enforced kernel-mode code signing policy (64-bit versions of Microsoft Windows Vista and 7) and perform
… albeit more slowly than previously. Added to the resources page at https://www.welivesecurity.com/2011/01/23/stuxnet-information-and-resources-3 today: A nice article by Mark Russinovich on Analyzing a Stuxnet Infection with the Sysinternals Tools, Part 1. Though I don't think Stuxnet is universally acknowledged as the most sophisticated malware ever. See, for instance, http://gcn.com/articles/2011/01/18/black-hat-stuxnet-not-superworm.aspx. (Hat tip to Security Garden for the pointer.)
Many parents are rightfully concerned about their kid’s participation in social networks. There are a number of areas to be concerned with. Who are the kids talking to? Is there a pedophile stalking them? Parents might worry about the friends their kids are making online and what kind of people, even their kid's own age,
The subject lines of our blog posts may, or may not be appealing to you, but we hope you’ll enjoy the body of our posts, and if you do, there is now a “Like” button down at the bottom of the page for each blog post. For those of you using NoScript, you’ll need to
Facebook is really, really good at coming up with new ideas, but reasonably well thought out ideas from Facebook seem a bit harder to come by. This is an issue that recently came up when Facebook decided that they would start allowing third party developers to gather address and phone number information and share it
It is unfortunate, but a fact that many organizations are going to suffer hacks. The internet was designed to be a cybercriminal’s dream. That was not the intent of the internet, but the design certainly is such that it serves the purpose well. Fortunately it also serves many great purposes quite well too. News came
My good friend David Harley just blogged about Facebook’s brand new way to misappropriate your data without your consent. Alas, in underestimating how far Facebook will go to attempt to avoid allowing you to control your privacy, David missed the second setting that is required if you do not want Facebook to decide what companies
The Australian Communications and Media Authority is planning to impose harsh penalties on support desk scammers. (Hat tip to Andrew Hayter for drawing my attention to that item.) According to chairman Chris Chapman, nearly half of all the complaints they've received about calls to numbers on the Do Not Call Register have been about cold-calling
You may not be aware that ESET writers have been supplying blogs to SC Magazine for a while now. Recently, Randy Abrams and I were drafted in after the original contributors moved on, and we started contributing this week: Poachers and Gamekeepers considers whether there is a conflict of interest when AV companies work with
Many Facebook users are annoyed to discover that their names and faces can be used in sponsored FB ads. Indeed, according to Dan Tynan in IT World, the next phase will to allow 3rd-party advertisers to do the same thing inside Facebook apps. I'm not a great fan of the FB principle of all your
One that will be of most interest to our readers in the UK, I guess. Our friends at Virus Bulletin are holding another "Securing Your Organization in the Age of Cybercrime" seminar, this time on the Open University Campus at Milton Keynes on the 24th May. The full agenda is already available on that page, and
[Update: more information from ESET on this malware here.] Last October, my colleague Tasneem Patanwala blogged about rogue antivirus masquerading as an ESET product. In that instance it was a product calling itself Smart Security, and Tasneem's blog includes lots of useful information about that particular malware, and fake AV in general. Looking through my
As the number of apps for smartphones continues to grow, perhaps your paranoia about such apps should be growing as well. In an unusual statement, the former director of the CIA has warned that the government isn’t sharing enough information about cyber security. In an article at http://www.wired.com/threatlevel/2011/03/hayden-cyber/, retired four-star Gen. Michael Hayden is quoted
The BBC program Panorama last night investigated claims that the News of the World hired a hacker to break into a subject's PC to steal emails. In fact, it appears that the unnamed hacker installed a Trojan on the victim's PC. Which sounds like a fairly unequivocal breach of the Computer Misuse Act, which outlaws
