I read an article on the Newsweek Blog today http://blog.newsweek.com/blogs/techtonicshifts/archive/2009/12/22/antivirus-under-attack-from-polymorphic-threats-and-you.aspx In the blog the author states “Individuals and corporate users are storing less data on their hard drives and more in the cloud — remote servers, operated by giants like Google and Amazon. With less valuable data on individual PCs, the need for virus protection
Today it was announced that Howard Schmidt will become the Cyber Security Coordinator for the White House. First off, it’s about time the press stopped calling the position “Czar”. I met Howard Schmidt when he and I both worked at Microsoft. It was right after I had spent a little time teaching helpdesk how to
Social networking sites have become living biographies of people and may set them up for social engineering attacks. From time to time I enjoy looking to see what I can find out about people who send question to me using the AskESET@eset.com address. I won’t ever name names, but I wanted to share one example.
Adobe PDF files were supposed to be a safe alternative to Microsoft Word documents in a time when Microsoft offered no effective protection against macro viruses and had virtually no security model in Office at all. Times change. Microsoft Word documents rarely spread macro viruses and have not for a long time if you are
OK, it isn’t quite that dire, but if you are using Windows XP Service Pack 2, support for that version of the operating system will end in July 2010. If you plan to stay with Windows XP a while longer then it’s a good time to upgrade to service pack 3 if you have not
I was recently asked to share some predictions about what 2010 will bring in the security space. I asked some colleagues from ESET Research to share their thoughts as well -Randy Randy Abrams Director of Technical Education Social Engineering attacks will continue to grow in prevalence. As operating systems and eventually applications become more secure,
In a recent article it was reported that more that 300,000 websites had been booby trapped. http://www.theregister.co.uk/2009/12/10/mass_web_attack/. The bad guys were able to compromise these websites and insert programs so that if you visit the web site it will try to infect your computer. You have no way of knowing if a web site has
I recently received a question at AskESET@eset.com that I thought would be of general interest, so I am answering it here. Could you tell me what the differences among Behavior Blocker, Immunizers, CRCs, and Active monitors? Thanks. A behavior blocker is a type of program that prevents certain actions from being taken. A behavior blocker
I recently received a question at askeset@eset.com that I think maybe of interest to more than just the author. I read an interesting article written by Kaspersky Lab titled "Drive-by Downloads. The Web Under Siege" and have a question I was hoping you could answer. (I have included a link to the article below.) Are
In just a couple of weeks you will be out of time to shop online and have that gift delivered in time for the holiday. I expect that there will be a surge in phishing attacks designed to take advantage of the panic factor. You get an email that says something to the effect that
So, my recent blog about PayPal calling its own email phishing seems to have received a bit of attention. The Good In response, I got an email from their Principal Security Engineer who asked me for a copy of the email that was incorrectly identified as a phish so he could use it to help
December 3, 2009, marked the 150th episode of the Malware Report Podcast (http://www.eset.com/podcasts). We talk about a lot more than malware and for the 150th we invited Marcus Sachs, director of the SANS Internet Storm Center to be our special guest to chat about the current cyber security landscape as well as the government’s role
Yes, it is true, I am not making this up. I do not believe that PayPal has stolen anything from users, but they have told me that their own email is phishing. Here’s what happened. I sent them one of their own legitimate emails and told them it was a bad idea to include a
Frankly, I am really amazed that Craig’s list has not been much more attacked. They must be doing something right. Still, the opportunities for social engineering attacks seem quite bountiful to me. So far the majority of scams I have heard about involve old fashioned attacks, like having someone send an item they sold after
With the holiday purchasing season in full swing, expect to see a rise in PayPal phishing attacks. The bad guys know that there is a high likelihood of increased PayPal use. As we get closer to Christmas, the need for timely orders will increase. This will probably result in a lot more of the phishing
The much reported/blogged iPhone worm does not affect all iPhones. Specifically it affects SOME iPhones that have been jailbroken. A significant part of the iPhone and iPod Touch security model is a technique called “whitelisting”. This is not new and is known to be a very effective security technology that can be used to prevent
Yes, the time is now here for Thanksgiving e-Cards. Before you click on a link to go get your eCard, make sure that your operating system is fully patched. Even if you use automatic updates, it’s a good idea to go to update.microsoft.com and make sure you’re fully patched. Next try out the Secunia vulnerability
I wanted to share with you some more results from the cybercrime survey ESET commission and recently released. You can find the entire report at http://www.eset.com/company/CERC_Poll_2009_Oct.pdf. 57% of American computer owners now bank online, however the more money a person makes the more likely they are to bank online. 2/3rds of computer owners who earn
An Australian company claims to have launched a “virus-proof” computer. They even say “ A fast, easy to use, computer that never gets viruses, EVER !” and then on the same page say “In the rare event that you manage to catch a virus on your virus-proof computer, we will re-load both Zone 1 and
Cyber Monday is the Monday that follows Thanksgiving in the USA. This is said to be the busiest online shopping day of the year. Does that mean that there is more risk of cybercrime? The answer is yes and no. There is more risk simply because more people are shopping online so malicious web pages,
