ESET Research, Author at WeLiveSecurity - Page 5 of 29

Bio

ESET Research

Articles by author

No chocolates for my passwords please!

Greetings Dear Reader, We have published guidance material previously on passwords and passphrases, some are blogs and some are lengthier depending on your liking (link & link).  Even still it is always good practice to reinforce sensible password techniques.  For this blog, I plan on sharing an analogous self-ritual, and one that relies on a

Sony PlayStation – Rehacked reloaded?

In life one cannot reload a particular scene; however, in gaming one certainly can.  This is an unfortunate time for Sony PlayStation and customers due to the recent breach.  Anecdotal reports are now coming in that Sony PlayStation who opened up their gaming ecosystem recently has now potentially fallen to a password reset hack.  This

Android’s Anomaly?

There are reports coming out today about Google Android and how approximately 99.7% of its users are potentially open to compromise.  This news cycle started by the Ulm University publishing some information on the 13th of May showing some results.  I'm sure this story will develop and CTAC may follow-up to my blog with more details;

Facebook’s Search and Destroy

An article came out yesterday from Clement Genzmer who is a security engineer at Facebook.  His tagline is "searching and destroying malicious links".  Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to

Will the Comcast “Constant Guard™ Security Service” work?

I received an email from Comcast (my ISP) announcing their “Constant Guard™ Security Service”. Basically, if Comcast thinks a customer is infected with a bot they will email the customer and offer to help clean up the computer. The Constant Guard service claims to do a lot more too, but Comcast is quite ambiguous about

ESET Version 5 Beta is here!

For those of you who have just been itching to test drive the beta of ESET Smart Security version 5 or ESET NOD32 version 5 the beta is now available. Just head over to www.eset.com/beta and I am sure you can find it. As always, remember that this is beta code and use on production

Osama Bin Laden Video Malware

The bad guys know you far too well. They know that all they have to do is say they have video footage of Bin Laden and many people will mindlessly click. As is always the case with any big news headlines, there are fake videos being posted with the intent of infecting your computer and

ESET Mobile Security Beta for Android is Here!

As I have blogged about the Android platform a recurring comment has been “When will ESET have protection for my Android?” Well, I still don’t know when it will be available for sale, but for those who understand the risks involved with running beta software, have backed up all of their data on their Android

Sony PlayStation Network and Qriocity Services Hacked – 77 Million Accounts at Risk

Not one to let Epsilon or Oak Ridge National Laboratories hog the media spotlight, Sony, a seasoned expert at security blunders such as the famous Sony rootkit, has taken the spotlight for one of the biggest security breaches of all time. Hackers were able to access Sony’s network and according to Sony http://blog.us.playstation.com/2011/04/26/update-on-playstation-network-and-qriocity/ the information

Will You Be Accused of Collecting Child Pornography

Throughout the years we have advised that you should use encryption on your home WI-FI. There are many reasons for this, including keeping your data confidential, but not having encryption enabled on your home WI-FI can put you at serious risk of having your doors knocked down and being arrested for downloading child pornography.

How to Avoid a Phishing Attack

With the breach of Epsilon, we are going to see a huge influx of phishing attacks before it settles back down to the normal level of tons of phishing attacks. So you aren’t a computer expert, how do you protect yourself? Don't worry about spotting the phish, it is more important that you do not

Information Wants to be Free – So Epsilon Thinks

Information Wants to be Free If you are a member of the technology advocate crowd that uses this slogan for a mantra, you are going to love the Epsilon Company. Reports started coming out on April 2nd that the mega email marketing giant, Epsilon was breached and millions of names and email addresses of customers

Samsung and I Got Bit by a VIPRE

Yesterday I reported that Samsung laptops were infected with a keystroke logger. This certainly appeared to be the case as a Samsung supervisor reportedly confirmed (http://www.networkworld.com/newsletters/sec/2011/040411sec1.html) that Samsung shipped infected laptops. Samsung has since indicated that this is not the case. This incident has some very important lessons. My entire information supply was polluted and

Facebook Fixes Flaw – Farmville Compromises Facebook

After the release of FireSheep, Facebook took an important step to help protect Facebook user accounts by allowing users to choose to keep an encrypted connection as long as they used just Facebook and intelligently designed apps. Savvy users immediately discovered that if they tried to use grossly insecure apps such as Farmville, 21 Questions,

Got a Samsung? You Got Owned

[Final Update… I think –  THERE WAS NO KEYSTROKE LOGGER please see http://blog.eset.com/2011/03/31/samsung-and-i-got-bit-by-a-vipre to find out what happened.] [Update – There will be a new blog about this incident. I relied upon the information at http://www.networkworld.com/newsletters/sec/2011/040411sec1.html that Samsung had confirmed the presence of the keystroke logger in asserting that the laptops were infected. Since then

Facebook Parenting Skills

Many parents are rightfully concerned about their kid’s participation in social networks. There are a number of areas to be concerned with. Who are the kids talking to? Is there a pedophile stalking them? Parents might worry about the friends their kids are making online and what kind of people, even their kid's own age,

Do You Like My Body?

The subject lines of our blog posts may, or may not be appealing to you, but we hope you’ll enjoy the body of our posts, and if you do, there is now a “Like” button down at the bottom of the page for each blog post. For those of you using NoScript, you’ll need to

Facebook Retains Right to Exploit Minors

Facebook is really, really good at coming up with new ideas, but reasonably well thought out ideas from Facebook seem a bit harder to come by. This is an issue that recently came up when Facebook decided that they would start allowing third party developers to gather address and phone number information and share it

More Spam for Tripadvisor.com users

It is unfortunate, but a fact that many organizations are going to suffer hacks. The internet was designed to be a cybercriminal’s dream. That was not the intent of the internet, but the design certainly is such that it serves the purpose well. Fortunately it also serves many great purposes quite well too. News came

The Sleazy, Sneaky, Facebook Marketing Brigade

My good friend David Harley just blogged about Facebook’s brand new way to misappropriate your data without your consent. Alas, in underestimating how far Facebook will go to attempt to avoid allowing you to control your privacy, David missed the second setting that is required if you do not want Facebook to decide what companies

Are You Ready for Valentine’s Day?

Got the flowers ordered? Dinner plans? eCard? Wait, eCard? I didn’t send her an eCard. The bad guys are ready for Valentine ’s Day. Actually they are not waiting. The jerks that brought you the storm worm are back at the eCard scam with amorous incantations about an  eCard for you. As a rule of thumb,

Auto-Infect

PLEEEEASE Infect me This is what Windows says when you install it. You see, there is a default setting called “autorun” that will automatically run a program when you insert a CD or DVD or thumb drive into your computer. The idea is that you put the media in there to run a program, so

What’s a redirect and why is it bad?

A redirect is a way to take a web surfer to another site. Redirection is very useful when done right. Instead of getting an error message that the page cannot be found you can be redirected to a page that helps you find what you are looking for. At ESET we use redirects properly. If

Don’t Get Burned Twice

The current fires in Southern California are causing misery to hundreds of thousands of people. ESET LLC calls San Diego home and is acutely aware of the impact this is having on people’s lives. Not only is ESET providing assistance to employees impacted by the fire, but some employees are volunteering their time and money

Virus Bulletin – Vienna

Quite a while ago I posted a blog titled “The Spirit of Cooperation”  in which I spoke of the AVAR conference. Today I write from the Virus Bulletin conference. It could be my last blog if my boss finds out I’m writing a blog while he’s addressing us in a session at the conference :)

Beta Test This!

Well, I said I wasn’t going to post each time the storm gang changes their tactics, however, perhaps I can use many of their ploys to teach anti-scam education. The scum-scam du jour is an email asking you to beta test some software. One I saw went as follows: ———————————————————————————————— Would you consider helping us

Wow, a bulletproof vest!

Our heuristics have gotten pretty well tuned to the varieties of Storm Worms we’re seeing. We generally catch the new variants, but nobody is catching them all without incurring a significant false positive rate. There are probably some companies that would take issue, but when you block everything, including good, that counts as false positives

Is Everyone Really Bad?

Most of us were taught that most people are good and only a few are bad. This truism has carried over to computers where it is not applicable, especially in the case of email. It isn’t that there are more bad computer users than good ones though. Here’s how it works. If you have 100

Yahoo Messenger Vulnerability

Vulnerability in Yahoo Messenger that can potentially allow a remote attacker to hijack your PC if you accept a webcam invite. Of course, your friends are not going to exploit the flaw when they invite you to a video chat. The threat is when you get invites from untrusted sources. The obvious advice is to

Sugar Pill

WARNING! The following post contains examples of humor and satire. If you do not find this funny there is probably a pill for that too. We’ve seen Red Pill (http://invisiblethings.org/papers/redpill.html). We’ve seen Blue Pill (http://theinvisiblethings.blogspot.com/2006/06/introducing-blue-pill.html). Today I read about Purple Pill (http://blogs.zdnet.com/security/?p=427) and so I have decided to pre-emptively warn you about Sugar Pill. Sugar

You Have To Try Hard To Be Less Competent

So the people at untangle.com decide to “test” anti-virus product in an effort to prove their dedication to open source zealousness. I’m not against open source, but if you want to promote it then be honest about it. First untangle grabs a few samples of “viruses” that they know CLAM AV will detect. Unfortunately 1

eOops

Ok, now I’m in trouble. It seems that about the time of my post about eVil eCards and eVites our sales department was just about to use an eVite. Actually, for their intended purpose an eVite may well be the right tool for the job. How’s that you ask? The answer is context and clear

Why eCards, eVites, eGreetings, and such are eVil

There are a number of reasons why people should not send or read eCards and the like. I am hard pressed to think of any reasons why people should send them though. So, how about a list of reasons why you should not send or open them. 1) Social Engineering. E-ware, as I collectively call

Twisted advice

CISRT issued an advisory about an IM worm. This is a typical worm that you avoid quite simply by not opening attachments in IM, especially when they claim to be Paris Hilton Videos. There is nothing particularly interesting about the worm, but there is something interesting about the write up at http://www.cisrt.org/enblog/read.php?128. CISRT gives instructions

How about a Banking License?

A few weeks ago I did a podcast about a proposal for an “Internet Driver’s License”. All of my podcasts are at http://www.eset.com/podcasts/ and are available as MP3’s as well. I didn’t think the idea of the internet driver’s license would play out well, but I do think that perhaps an “Online Banking License” might

e-Gads!

Several years ago when I first saw an e-Card, the first thing that I thought was that these would become a very successful tool for social engineering attacks designed at spreading malicious software. The current wave of “storm worm” spam uses this exact tactic. Emails such as the following are how users are tricked into

Your Mother Wrote This Blog

Now, why don’t you believe me? If I sent it to 5 million people in an email message many of them would believe it. Pierre-Marc wrote a blog entry this morning http://eset.com/threat-center/blog/?p=69 in which he described one of the latest scams going around. For those of us who work around security, we saw this abuse

It Looked Like a Duck. It Walked Like a Duck. It Quacked Like a Duck!

It was a chicken in disguise. On July 1st at 12:41 AM CET ESET became aware of a false positive. Some advertising banners were incorrectly flagged as being infected with the JavaScript trojan JS/Tivso.14a.gen Trojan. By 2:00 AM CET update version 2366 went out, correcting the misdetection. Later ESET researchers discovered that the generic signature

Open-Item Attack Gadgets!

In December 2006 Walmart sold an open-item Zune with porn on it. The porn was almost certainly from the previous owner. Walmart then resold the item without checking it. Upon realizing their error, Walmart went with the surefire “let’s blame Microsoft for our mistake” defense. In reading Tyler Reguly’s blog over at computerdefense.org, I came

MPack, the great hype generator

There has been a lot of hype around MPack. As a result consumers are asking anti-virus vendors if they detect it. For the average consumer detecting MPack is of no value. MPack was reportedly found on over 10,000 web servers, however not a single visitor to those sites was infected with MPack. MPack is only