Aryeh Goretsky interviewed, as his paper on Possibly Unwanted Applications is published.
Archives - August 2011
...both articles are concerned with breaches of copyright and IP abuse...
'Tis the season to get ready for the autumn round of security conferences.
We see this morning a post about British Prime Minister Cameron’s assertion yesterday during a Parliament presentation that, “Free flow of information can be used for good. But it can also be used for ill. And when people are using social media for violence, we need to stop them.” Sort of hearkens back to the
If you downloaded the Facebook app for your mobile device, and just zipped through the install options (like users commonly do), did you know all your contacts could now be on your Facebook Contact list (formerly Phonebook) and can be datamined by Facebook? This is also disturbing if Facebook itself gets hacked and your phone
I have an Android in my pocket as I type, with all kinds of cool apps ranging from GPS navigation to acoustic guitar tuner (really cool) – and apparently I’m not alone. Users are scooping up the latest batch of Android smartphones in record numbers, and what better target can malware authors ask for? Well,
On the heels of the recent activity with Stuxnet, the industrial process control computer worm that targeted Iranian nuclear centrifuges, a Blackhat talk by Thanassis Giannetsos explains how to hack yet another commonly used family of controllers. We have mused that this trend, targeting critical infrastructure nodes, is but a shade of things yet to
The North American Electric Reliability Corporation’s (NERC) newly formed Cyber Attack Task Force will “consider the impacts of a coordinated cyber attack on the reliability of the bulk power system”, in a proactive effort to increase providers’ readiness for new waves of potential nastiness. Recently, there has been a flurry of activity surrounding efforts to
...you can probably guess what I think about the idea of an undetectable virus...
...I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog...
There is some pretty interesting content in ESET's Threat Report for July.
If you could use texting to break networks, what could you do? Well, Don Bailey, with ISEC Partners, in his talk today at Blackhat, muses that you could break a lot, driving around and dropping in on various networks as you saw fit. Well, really his proof-of-concept collection of tools is aimed at educating mobile
Among the many different trojans that spread on Facebook, something popped up recently that caught our particular attention. The threat, detected by ESET as Win32/Delf.QCZ, is interesting for several reasons. Distribution First, let’s look at the distribution vector. Win32/Delf.QCZ relies on the old “fake codec/media player trick” and links to the malware-laden site are
Finally seated in the crowded auditorium at Blackhat 2011, our first keynote speaker, Cofer Black, a veteran government intel mainstay, regales us with the US threat stance and endeavors, mostly in the physical arena of combat and operations. Then he relates it to the cyber arena. Referencing the U.S. Government’s highest priority threats, which used
Citing the days of yore, when firms hired private security to protect their interests, General Michael Hayden, One of the architects of US foreign policy under George W. Bush, floats the idea of a sort of digital version of the oft-illustrious Blackwater firm (since renamed Xe); a modern day cyber rent-a-mercenary program for governments. He
We (AVIEN) devoted quite a lot of space to one Chinese operation, the NCPH group, in the “AVIEN Malware Defense Guide for the Enterprise”
A week or so ago we promised you a full paper expanding on our Hodprot is a Hotshot blog. That paper is now available.
What we're lacking here is a clear differentiation between types of "hacktivist" or, indeed, "activist": much of the commentary that's around at the moment seems to assume that all hacktivists are the same.
Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006, it is amongst the most detected threats by ESET, taking the 7th position between January and April 2011. In our previous blog post,
Win32/PSW.OnlineGames.OUM is a malware that aims to steal credentials for online games. It targets popular game titles such as World of Warcraft, Star Wars Galaxy, Lineage 2 or Guild Wars. Active since 2006. This malicious software is amongst the most detected threats by ESET, taking the 7th position of the Top 10 most detected threats