I went to verify some information to complete my account registration with an office supply store. The last item looked like this. I initially thought that if it is a word, it must be l33t speak, but ahh, Google Translate to the rescue! I don’t know what 443xje5 means in French or English, but the
Archives - May 2011
It’s been a really rough time for Sony. I have a hunch that in the past month “Sony CTO” has leapt past toilet cleaner on the list of least desirable jobs. Last month there was the massive Sony PlayStation/Qriocity breach that leaked more data than a Wall Street ticker leaks stock prices. Then a Sony
What do these two topics have in common? More than you might think. The obvious is that neither has arrived yet. There is no proof of existence of either, you have to take it on faith. Neither will be here tomorrow… take my word for that. A story at http://www.reuters.com/article/2011/05/23/uk-linkedin-security-idUSLNE74M02820110523 explains how dreadfully poor security
... I haven't recently posted any pointers to our content on SC Magazine's Cybercrime Corner, and now might be a good time to recap on what Randy and I have been posting there this month (so far...) ...
*http://en.wikipedia.org/wiki/Skeeter_Davis Here in the UK it's just turned 6pm on the 21st May, which apparently means I'll shortly be either invited to a rapturous celestial street party or subjected to various unpleasant experiences starting with a giant earthquake and ending with a front seat at a subterranean bonfire on or before 21st October. Though according to
Perhaps you just read David Harley’s blog http://blog.eset.com/2011/05/20/facebook-gets-something-right. Now I am about to tell you about something else Facebook got right. With two accolades in one day, dirty, unfounded rumors might start flying about Facebook buying ESET or infiltrating our blog with spies. To cast off such groundless speculation I’ll tell you about the part
It seems a little strange to have the words "Facebook" and "privacy" in the same sentence in one of my blogs, yet it seems that Facebook CTO Bret Taylor testified at a Senate Commerce Committee hearing on mobile phone and internet privacy. But it turns out the story is about rather more than privacy: it's
Greetings Dear Reader, We have published guidance material previously on passwords and passphrases, some are blogs and some are lengthier depending on your liking (link & link). Even still it is always good practice to reinforce sensible password techniques. For this blog, I plan on sharing an analogous self-ritual, and one that relies on a
It's been a busy few weeks. Last week I was in Krems, Austria for the EICAR conference. The week before, I was in Prague for the CARO workshop (where my colleagues Robert Lipovsky, Alexandr Matrosov and Dmitry Volkov did a great presentation on "Cybercrime in Russia: Trends and issues" – more information on that shortly),
In life one cannot reload a particular scene; however, in gaming one certainly can. This is an unfortunate time for Sony PlayStation and customers due to the recent breach. Anecdotal reports are now coming in that Sony PlayStation who opened up their gaming ecosystem recently has now potentially fallen to a password reset hack. This
Well, the EICAR conference earlier this month was in Krems, in Austria, where I hear that they're not averse to the occasional brandy, but I was actually perfectly sober when I delivered my paper on Security Software & Rogue Economics: New Technology or New Marketing? (The full abstract is available at the same URL.) To conform with EICAR's
There are reports coming out today about Google Android and how approximately 99.7% of its users are potentially open to compromise. This news cycle started by the Ulm University publishing some information on the 13th of May showing some results. I'm sure this story will develop and CTAC may follow-up to my blog with more details;
I'm a little late on this since I've been out of office for a few days, and only just picked up the relevant email. However, the Securing Our eCity Cybersecurity Symposium and IT Exec awards event is, I gather, happening right now and being tweeted live with the hashtag #SOEC. More information on the event
Another day, another Facejack attack. We see a lot of these sorts of scams, alluringly titled posts – typically with a promise to show you who has been visiting your profile (or infamously, video of Osama Bin Laden's death) – that try to get you to click to see some special content. The latest one
...35% of iPhone/Android users in the US interact with their smartphones before they get out of bed...
An article came out yesterday from Clement Genzmer who is a security engineer at Facebook. His tagline is "searching and destroying malicious links". Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to
I received an email from Comcast (my ISP) announcing their “Constant Guard™ Security Service”. Basically, if Comcast thinks a customer is infected with a bot they will email the customer and offer to help clean up the computer. The Constant Guard service claims to do a lot more too, but Comcast is quite ambiguous about
...I would suggest that you take any statement like "Grottyscan AntiVirus is best because it detects 200 million viruses" with a pinch of salt. Actually, a whole salt mine...
Our colleagues Aleksandr Matrosov and Eugene Rodionov are tracking the evolution of TDL4 (also known as Win32/Olmarik). The following is a report on the latest TDL4 update, released last week. In our previous blog post, we described how the latest Microsoft Security Update modified the Windows OS loader (winloader.exe) to fix a vulnerability that allowed