...I've been seeing quite a few scrawny, toothless piranha mailed from email addresses that are often spoofed but invariably dubious like google.phishing.team@a_latvian_mail_provider.com...
Archives - October 2011
ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish
...this isn't lawful interception, and it's not surprising that the AV industry has seen no reason to avoid detecting it...
On Saturday, another controversial report of a “government trojan” appeared. This time it is the German government that has been accused by the European hacker club Chaos Computer Club (CCC) of using “lawful interception” malware. Hence, “Bundestrojaner” (Federal Trojan), though that name is normally applied to the legal concept that allows German police to make
In Europe, a user can make a request to an online company for all personal data they may have stored about them. One user did just that, and found 880 PAGES of data stored about him by Facebook! Other users listed on the Europe vs. Facebook website had even more. They include the usual data
October is National Cybersecurity Awareness Month in America, which you probably know by now, what with President Obama's announcement and a whole host of related coverage from the Department of Homeland Security and other interested parties. Of course, one of the main messages of Cybersecurity Awareness Month is that we are all interested parties. When
“Operation Swiper” just busted the largest theft ring of its type in U.S. history. The $13 million dollar crime ring was exposed after a 2 year investigation by the New York City Police, primarily centering around selling Apple electronics overseas, according to Reuters. New York City Police Raymond Kelly said at a press conference “The
A new conference paper, two conference presentations, and an article for SC Magazine.
One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,
There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the
ESET would like to extend our sincere sympathies to the friends, family and colleagues of Steve Jobs.
Citing weaknesses in security controls at 24 major agencies, a new report by the U.S. Government Accountability Office (GAO) charts the stellar rise in incidents, and tries to highlight what went wrong. Just today my colleague Stephen Cobb also posted a government-related incident in the health care sector. The timeframe of the study, starting in
Most people would agree that personal information, particularly health information, especially that pertaining to the brave men and women who serve in our armed forces, should be treated with care and protected from prying eyes at all times. But what should happen if this information is compromised? Surely we should do whatever we can to make sure no harm
On the heels of the arrest of Cory Kretsinger, aka “Recursion”, for one of the Sony data breaches, following an FBI request for traffic records from his VPN provider, users wonder whether anonymizing service providers really are all that anonymous. Using a VPN to connect securely out of reach of prying eyes, is a common
Facebook's latest round of changes has prompted privacy concerns in many circles, including Capitol Hill. As reported by Byron Acohido in USA TODAY, numerous consumer groups have joined with several members of congress to call on the Federal Trade Commission–the FTC–to investigate "new sharing mechanisms designed to accelerate the collection and dispersal of information about
Virus Bulletin's annual conference is really one of the highlights of the year for the research community
...the finding that 52% of respondents felt that increased use by their employees of social media had resulted in an increase in attacks from malware seems to me both interesting and significant...