ESET Research | WeLiveSecurity

Bio

ESET Research

ESET Research

Articles by author

What if your Virusproof Computer Catches a Virus?

An Australian company claims to have launched a “virus-proof” computer. They even say “ A fast, easy to use, computer that never gets viruses, EVER !” and then on the same page say “In the rare event that you manage to catch a virus on your virus-proof computer, we will re-load both Zone 1 and

Is Cyber Monday the End of Shopping as We Know it?

Cyber Monday is the Monday that follows Thanksgiving in the USA. This is said to be the busiest online shopping day of the year. Does that mean that there is more risk of cybercrime? The answer is yes and no. There is more risk simply because more people are shopping online so malicious web pages,

So, You Think You are Smart?

Recently I blogged (Once Upon A Cybercrime…) about a survey ESET commissioned which indicated that Mac users are victims of cybercrime as often as PC users. This finding was not the main point of the survey, but was an interesting finding. The survey is titled “Securing Our e-City National Cybercrime Survey” and was commissioned to

Google to Launch “Bob” ???

Remember Microsoft Bob? It was a shiny new windowing system on top of a windows kernel. Now Google is announcing the imminent release of the Chrome OS which, according to the official Google blog http://googleblog.blogspot.com/2009/07/introducing-google-chrome-os.html is a new windowing system on top of a Linux kernel. So is it an OS or a GUI? Chrome

Once Upon a Cybercrime…

Recently ESET commissioned Competitive Edge Research and Communications, Inc. to conduct a study about attitudes, beliefs, and experiences of Americans with respect to cybercrime. There were some interesting results. One of the findings is that most American’s are not aware that cybercrime is linked to organized crime. Viruses and Trojans are no longer the purview

Cyberwar Exposed

Today I read an article in the National Journal concerning cyberwarfare. You can read the article at http://www.nationaljournal.com/njmagazine/cs_20091114_3145.php. I think people have some misconceptions about “cyberwar”. There isn’t going to be a war, at least anytime soon which is fought with only computers. Computers are simply being used as a weapon in conjunction with traditional

The Blame Game

I recently learned a new acronym: SODDI (Some Other Dude Did It). What this refers to is the defense that criminals routinely use (plausible deniability) – and even more so when it comes to illicit activities on the Internet. On Sunday, November 8th 2009 the Associated Press published an article regarding an individual that was

Hmmm, Phishing Works

Specifically spear-phishing, where the target is deliberately selected, as opposed to a random untargeted attack. An article at Dark Reading.com discusses the entirely unsurprising results of a test that concluded that the iPhone, BlackBerry, and Palm have essentially no protection against spear-phishing attacks. http://www.darkreading.com/insiderthreat/security/app-security/showArticle.jhtml?articleID=221100150&cid=nl_DR_WEEKLY_T LinkedIn was used as the service to send a fake invitation

Banks and Credit Card Companies are Funding Cybercrime

For many years banks and credit card vendors have accepted that there will be some amount of fraud and built those costs in to the operational model. The thinking goes that if the loss is small enough then it isn’t worth pursuing so they simply pass the cost on to the public through fee structures,

A Phish or a Real Email

One of the problems about trying to teach people to avoid Phishing attacks is that the banks often use the exact same tactics that the phishers use. It is mind-numbingly stupid of them to do so, but still we see emails from banks that contain links in them. As a rule I tell people not

THIS IS THE FUNNIEST VIDEO EVER!!!!!!

Oh brother, don’t tell me you fell for that one! All capital letters, lots of exclamation marks, the classic signs of bad news. Yeah, Halloween is around the corner and it is about time for the fake e-cards to make their rounds and the emails with links to “videos” that are not really videos at

You’ve Got Bot!!!

Comcast has announced that they are trialing a new service that alerts users when their computers are infected. You can read about it here: http://news.cnet.com/8301-27080_3-10370996-245.html. Essentially what happens is that when Comcast notices traffic that looks like bot related traffic they will pop up a message on the subscriber’s computer that indicates there is a

National Cyber Security Month

October is National Cyber Security month. Groups like the National Cyber Security Alliance are promoting awareness of cyber security. On Tuesday at 11 AM Eastern Daylight Time (8 AM PDT and 4 PM GMT) Department of Homeland Defense Secretary Janet Napolitano will be giving a speech that will be broadcast live at www.dhs.gov. The Secretary

Extended Validation SSL

We received an interesting comment in reply to the blog post http://www.eset.com/threat-center/blog/2009/10/13/phishing-the-fbi-and-terror. Joseph A’Deo, who apparently works for Verisign, mentioned the use of extended validation SSL (EV SSL). I am sure that some of you are familiar with EV SSL. Some of you have seen the results of it and perhaps not noticed. Some of

Windows, Online Banking, and Phishing

Yesterday I posted a blog about the Director of the FBI claiming to no longer use online banking at all because he almost feel for a phishing attack. A response to the blog suggested not using Windows for online banking and linked to Brian Krebs http://voices.washingtonpost.com/securityfix/2009/10/avoid_windows_malware_bank_on.html and Michael Horowitz http://blogs.computerworld.com/14806/crimeware_gets_worse_how_to_avoid_being_robbed_by_your_pc Both of these articles discuss

Phishing, the FBI, and Terror

In a recent speech given by Robert S. Mueller, III, Director of the FBI, he claimed that he had almost been the victim of a phishing attack targeting his bank account. Mueller went on to say that at his wife insistence he has since given up on-line banking. The article I saw was http://www.eweek.com/c/a/Security/FBI-Director-Nearly-Hooked-in-Phishing-Scam-Swears-Off-Online-Banking-616671/. It’s

Shortage of CyberCops

The Wall Street Journal recently ran an interesting article at http://online.wsj.com/article/SB125487044221969127.html. Of note, was a quote from Los Angeles District Attorney Steve Cooley who said “These days, "practically every crime, from drug dealing to murder, involves digital evidence" .From the invention of the knife, to the gun, to the telephone and car, criminals have always

Webmail Hacks

Recently there were reports of tens of thousands of hotmail passwords being posted on the web. In reality Hotmail, Gmail, Yahoo mail, and all email services are regularly being phished. If you receive an email telling you to provide your password it is a phish. That is as simple as it gets. Never give out

Windows 7 Security

The long awaited successor to Windows XP has been released? It’s Windows 7. What about Windows Vista? Well, to be frank, windows Vista is to the Windows family what DOS 4.0 was to the DOS family. For those of you who do not recall the DOS family line, DOS 4.0 was a bit of a