ESET Research, Author at WeLiveSecurity - Page 10 of 29

Bio

ESET Research

ESET Research

Articles by author

How to Screw Up and Skew a Test

Even as AMTSO attempts to bring some qualified and competent guidance to testing methodologies, and individuals with an agenda or paranoia invent stories about why it is not good, we see more completely incompetent testing. I refer this time to the test that Steve Ragan wrote about at http://www.thetechherald.com/article.php/201031/5979/Anti-Virus-industry-lacking-when-it-comes-to-detection-says-report. The test performed by Cyveillance, who

How Much Security Do You Need?

Recently I received the following question from a reader: Hello Randy, I use Verizon Wireless  Broadband on my Vista OS laptop . For security I use NOD32 Anti Virus and Windows Firewall. Are these adequate or do I need any other security tools? The short answer is “I don’t know”. Why don’t I know? Because

One Billion Blocked – Malware and IE 8

Every layer of protection you add will harden the target against cybercrime. SmartScreen technology found in Internet Explorer 8 has recently clocked over 1 billion blocked potential malware downloads from malicious sites. By way of Terry Zink’s blog: 1 billion malware blocks is an amazing milestone and an example of two things. First socially engineered

Multi-level Cybercrime

I just blogged about a potential new Facebook worm. It may turn out that it is not a worm, but another type of attack that involves multiple levels of criminal organizations, which to some degree are being aided by the privacy laws in the Holland. To begin with there are stolen credential attacks. The two

Is Facebook Making a Funny Face?

There may be a new worm on Facebook today. Unfortunately I don’t yet have enough data to be conclusive. A friend received an IM from a friend on Facebook that said “Hey i just made myself a cartoon omg lol ill show you but you gotta do urs too” The IM also included a link

Assessing Intent

There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS). The reality is that hackers targeting ICS is nothing new. I am not clear

Who is Downloading the Facebook Data?

Gizmodo ran a story about who is downloading the files with the information about 100 million facebook users.   http://gizmodo.com/5599970/major-corporations-are-downloading-those-100-million-facebook-profiles-off-bittorrent It turns out that lots of people are. The story says companies, such as Motorola, IBM, Apple, and Disney, among others, are downloading the data. Organizations such as the United Nations made the list as well.

Who is Writing the Viruses?

Hitler is alive in South America. Jim Morrison is alive and living in seclusion on a mountain somewhere. Conspiracy theories never die and tend to live forever in the minds of the irrational. I recently received the following question: “Some people say that the AV company itself (ESET, Kaspersky, Symantec ..) also writes viruses! How

How to Lie to Your Bank and Get Away With It

While we talk about the periodic leakages of personal information from Facebook and how that information is leveraged by cybercriminals, the community of Facebook users can change their ways. Let’s pair up victims with criminals based on what’s broadcast by the victim. Here are Facebook’s seven deadly sins matched up with the most likely categories

Spyware in your Underwear?

A recent article on TheStreet talk Wal-Mart putting RFID tags in its merchandise.  The article questions whether or not this is an invasion of privacy, and some privacy advocates are up in arms about this. According to Wal-Mart the RFID tags can be removed from purchased items. The RFID tags are not personalized to the

You’re So Vain…

You might recall back in November of 2009 ESET released the findings of a survey about cybercrime http://www.eset.com/threat-center/blog/2009/11/16/once-upon-a-cybercrime%E2%80%A6. We went back to Competitive Edge Research & Communication and commissioned them to conduct a new survey to determine prevalence of social networking as well as to identify online security and privacy concerns of Americans. In addition

Facebook Data Theft?? or an Eye Opener

Ron Bowes, an online security consultant had a thought which he put down on paper so that all the “ingenious” people might be informed. The first and last name (and similar lists) of 100 million users on Facebook is not a remarkable discovery. There is no delight in owning anything unshared. The information “exposed” is

Beware of Travelocity and Yahoo Travel

I recently read a column on Chris Elliott’s travel site warning of a truly dishonest and despicable practice that Yahoo Travel and Travelocity are engaging in to attempt to trick people into buying trip insurance. When you go to these web sites and book a trip the screen shows you the price of the trip

Google Android and Really Bad Math

Yesterday I blogged about a security company that found a high percentage of apps for the iPhone and for the Android were stealing user information. I call it stealing because the user is not aware of what personal data is leaving their phone. At the Blackhat Security Conference in Las Vegas the same company, Lookout

Dead Men Tell No Tales, but Smart Phones Tell All

Do you have an iPhone or an Android based phone? Wait, don’t tell me, if you installed some third party apps I can probably find out. According to Lookout Inc., in an article at http://news.yahoo.com/s/ap/20100728/ap_on_re_us/us_tec_techbit_apps_privacy many of the iPhone and Android apps include spyware. To be fair, Lookout Inc didn’t call it spyware, but that

Why Steal Digital Certificates?

When you read about Stuxnet and that it used stolen digital certificates from Realtek and JMicron to sign the worm, you may have wondered what the significance of that is or why they did that. There are actually a couple of factors to consider. When you try to install certain types of software on Windows

It Wasn’t an Army

As I mentioned in a previous blog, Wired Magazine reported it would take a Nation State to pull off a takedown of the electric grid. Actually, Mother Nature, back hoes, and potentially a worm have had major impacts in the past, but the recent use of the LNK file vulnerability shows it doesn’t take the

Which Army Attacked the Power Grids?

The hot news http://blog.eset.com/2010/07/17/windows-shellshocked-or-why-win32stuxnet-sux is of a zero-day vulnerability that has been used to attack SCADA systems. This comes hot on the heels of an article on the Wired web site titled “Hacking the Electric Grid – You and What Army” http://www.wired.com/dangerroom/2010/07/hacking-the-electric-grid-you-and-what-army/. So clearly Wired had already predicted the origins, at least vaguely, of Win32/Stuxnet.

Sharing the Winner’s Circle

We recently blogged about Securing Our eCity San Diego and MyMaine Privacy both being selected as winners for the Best Local/Community Plan with respect to cyber-security. It is normal for people and companies to want to hold the position as winner all to themselves, but in this case I am hoping that next year we