* Sorry, but I couldn't resist a Crosby reference. I was more than a little irritated over the weekend – see Faith, Hope, Charity and Manipulation – by Microsoft's use of the Japanese disaster to give the Bing search engine a little extra exposure using a chaintweet technique: How you can #SupportJapan – http://binged.it/fEh7iT. For every retweet,
Archives - March 2011
We've already discussed a lo-tech but surprisingly effective attack on ATM users here and elsewhere. However, Brian Krebs has recently posted on more conventional skimming attacks: Green Skimmers Skimming Green. An interesting and useful comment thread too. However, in view of the mentions there of chip and pin technology, it's worth pointing out that while
I've added some commentary and resources on the Japan earthquake/tsunami disasters to an independent blog I maintain that specializes in hoaxes, scams and so forth, but here are a few of the same resources that aren't already included in my recent blogs here on the topic: Analysis from Kimberley at stopmalvertising.com: http://stopmalvertising.com/blackhat-seo/recent-japanese-earthquake-search-results-lead-to-fakeav.html Guy Bruneau at Internet
From my friend Rob Slade. He was writing at the time of the Haiti earthquake over a year ago, but the advice still stands, and not just for those who are uncomfortably near all those fault lines that seem to have been particularly restless in the last year or two. Thoughts on Haiti, Olympics, and
As you'd expect, there have already been reports of Black Hat SEO (Search Engine Optimization) being used to lure people looking for news of the earthquake and subsequent tsunami onto sites pushing fake AV. (Stop me if you've heard this before…) My colleague Urban Schrott, however, offered some pretty good advice on what to look out
CBS in San Francisco is reporting a rather novel cash machine attack. It seems that crooks are applying superglue to the clear, enter, and cancel buttons on cash machines at banks. A customer goes to the cash machine, inserts their card and enters their PIN. Then the victim notices the enter key is not
Kelly Jackson Higgins in a Dark Reading article tells us that Malware Attacks Decline In SCADA, Industrial Control Systems, quoting a report published by the Security Incidents Organization drawing on its Repository of Industrial Security Incidents (RISI) database. One aspect that’s attracted attention on specialist lists is the mention of a large US power company
...It’s a common plot device, of course, but our increasing dependence on the technology does make it more viable...
I've been coming across several references to an email and Facebook hoax relating to a YouTube that's claimed to show 92-year-old Ginger Rogers dancing with her great-grandson. Of course, it isn't: she died in 1995 in her 80s. This isn't a threat: it's a genuine movie and an interesting enough story to stand on its own,
...today I'm waxing nostalgic about a piece of malware. Not one of those anniversaries that have filled so many blogs, articles and videos recently (happy birthday, dear Brai-ain....), but something that just popped into my mailbox...
Added 5th March 2011 to the Stuxnet resources page at http://blog.eset.com/?p=5945...
Added to the Stuxnet resources page at http://blog.eset.com/2011/01/23/stuxnet-information-and-resources-3 on 4th March 2011: Ralph Langner at the TED Conference, as summarized by the BBC: US and Israel were behind Stuxnet claims researcher. As previously mentioned at http://blog.eset.com/2011/03/03/nice-stuxnet-commentary-and-hype-deflation. (Hat tip to Mikko Hypponen. Again!) David Harley CITP FBCS CISSP ESET Senior Research Fellow
Recently Senator Schumer from New York wrote a letter (http://www.infosecurity-us.com/view/16328/senator-schumer-current-internet-security-welcome-mat-for-wouldbe-hackers/) to Twitter, Yahoo, and Amazon asking them to make SSL the default for internet connections. What this means is that instead of an http connection they should provide an https connection by default. This is important because with http connections you are exposed to risk
got a phone call from a gentleman with a pronounced accent wanting to help me with my virus problem ... You didn't know I had a virus problem? Neither did I, but he assured me that I was spraying malware all over the part of town I live and work in.
My colleague from ESET Ireland, Urban Schrott, reports that the company has seen a megawave of Facebook spams: five separate spams in 24 hours. I've no idea of the numbers involved, but Urban's "think before you click" message is well worth repeating. The post is to ESET Ireland's CyberThreats Daily blog post: the company also
WordPress.com is a popular blogging host. Recently, for unknown reasons, miscreants launched a massive distributed denial of service attack (DDOS) against WordPress.com. According to TechCrunch (http://techcrunch.com/2011/03/03/wordpress-com-suffers-major-ddos-attack/) WordPress.com is responsible for 10% of the websites in the world. So far I have not seen anyone take responsibility for the attacks. With so many websites being hosted
...Hanging on the Telephone, By David Harley, Urban Schrott and Jan Zeleznak...As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you more about support scams...
Some extra resources: J. Oquendo takes a cold, clear look on Infosec Island at some of the hype that surrounds the Stuxnet story: Cyberterrorism – As Seen On TV While Visible Risk, while by no means entirely negative about the Vanity Fair Stuxnet story (see http://blog.eset.com/2011/03/02/more-on-stuxnet), makes an entirely reasonable point about Irresponsible Sensationalism. I
...all the relevant malware they've seen uses exploits that are restricted to Android OS 2.2 and below...
Social Security Numbers: Identification is STILL not Authentication...