Google Eye Phish: Bait Me A Hook In The Morning
...I've been seeing quite a few scrawny, toothless piranha mailed from email addresses that are often spoofed but invariably dubious like google.phishing.team@a_latvian_mail_provider.com...
Archives - October 2011
Virus Bulletin 2011: Fake but free…
ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish
Government, Public Interest and Trojans
...this isn't lawful interception, and it's not surprising that the AV industry has seen no reason to avoid detecting it...
German Policeware: Use the Farce…er, Force…Luke
On Saturday, another controversial report of a “government trojan” appeared. This time it is the German government that has been accused by the European hacker club Chaos Computer Club (CCC) of using “lawful interception” malware. Hence, “Bundestrojaner” (Federal Trojan), though that name is normally applied to the legal concept that allows German police to make
Facebook: over 800 pages of data stored on a single user
In Europe, a user can make a request to an online company for all personal data they may have stored about them. One user did just that, and found 880 PAGES of data stored about him by Facebook! Other users listed on the Europe vs. Facebook website had even more. They include the usual data
National Cybersecurity Awareness Month: Do Your Bit!
October is National Cybersecurity Awareness Month in America, which you probably know by now, what with President Obama's announcement and a whole host of related coverage from the Department of Homeland Security and other interested parties. Of course, one of the main messages of Cybersecurity Awareness Month is that we are all interested parties. When
High tech identity theft ring largest in U.S. history
“Operation Swiper” just busted the largest theft ring of its type in U.S. history. The $13 million dollar crime ring was exposed after a 2 year investigation by the New York City Police, primarily centering around selling Apple electronics overseas, according to Reuters. New York City Police Raymond Kelly said at a press conference “The
New white paper & presentations, and an SC Mag article
A new conference paper, two conference presentations, and an article for SC Magazine.
Android vulnerability patch time lag causes malware opportunity
One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,
Kids’ computer game malware – Scammers stoop to new lows
There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the
Steve Jobs 1955 – 2011
ESET would like to extend our sincere sympathies to the friends, family and colleagues of Steve Jobs.
U.S. Government – Security incidents up 650% over 5 years
Citing weaknesses in security controls at 24 major agencies, a new report by the U.S. Government Accountability Office (GAO) charts the stellar rise in incidents, and tries to highlight what went wrong. Just today my colleague Stephen Cobb also posted a government-related incident in the health care sector. The timeframe of the study, starting in
Military Health Records Deserve Better Than This
Most people would agree that personal information, particularly health information, especially that pertaining to the brave men and women who serve in our armed forces, should be treated with care and protected from prying eyes at all times. But what should happen if this information is compromised? Surely we should do whatever we can to make sure no harm
Which anonymizing VPN is really anonymous?
On the heels of the arrest of Cory Kretsinger, aka “Recursion”, for one of the Sony data breaches, following an FBI request for traffic records from his VPN provider, users wonder whether anonymizing service providers really are all that anonymous. Using a VPN to connect securely out of reach of prying eyes, is a common
Will FTC Scrutiny Prompt Facebook to Pull an Onstar?
Facebook's latest round of changes has prompted privacy concerns in many circles, including Capitol Hill. As reported by Byron Acohido in USA TODAY, numerous consumer groups have joined with several members of congress to call on the Federal Trade Commission–the FTC–to investigate "new sharing mechanisms designed to accelerate the collection and dispersal of information about
Virus Bulletin 2011: Here at Last!
Virus Bulletin's annual conference is really one of the highlights of the year for the research community
Not all Facebook threats are hoaxes…
...the finding that 52% of respondents felt that increased use by their employees of social media had resulted in an increase in attacks from malware seems to me both interesting and significant...