General | WeLiveSecurity

General

Facebook FTC Settlement Means 20 Years of Federal Privacy Audits

The FTC has just announced its eight-count deception charge against Facebook has been settled, with the world's largest social network submitting to a wide array of remedies that include 20 years of privacy auditing and strict controls on how the company deals with your personal data in the future. In this post I will explain

Cyber-Shopping Safety Tips: A handy video guide

Now that the 2011 holiday shopping season is underway we thought it would be helpful to share our tips for safer cyber-shopping in the form of a short video (I think we all know at least a few people who can’t seem to find time to read anything, but are more than happy to watch

Holiday shopping? We know where you are

Well, not you exactly you, but malls are rolling out technology that tracks customers’ patterns throughout the mall using cell signals. They say they aren’t collecting personal information, but say they want to be able to track customer traffic patterns, for example, how many customers visit Starbucks after visiting Nordstroms. The technology, called FootPath, is

SCADA attacks gone crazy

SCADA, a network-enabled setup for controlling infrastructure, is hitting the headlines in force for falling victim to cyber scammers. There have been several incidents of unauthorized access to Supervisory Control and Data Acquisition (SCADA) systems recently, from guessing simple passwords, to full-on spear phishing attacks against a hardware vendor, which were then used to access

Cyber Monday Safety: 10 tips for safer holiday shopping online

With 10 days to go before Cyber Monday, the "traditional" post-Thanksgiving online shopping day, ESET has put together 10 tips for safer holiday shopping online. Please feel free to share these tips with any friends and family who are planning to shop online this season. You can even go old school and hand them a

Facebook’s Gross Video Scam: Watch the rest of the story

Scumbags posts links on Facebook that can lead to malware infected websites, phishing forms, identity theft, financial losses, or worse. One hopes that all Facebook users have been warned about this by now, but how many have seen what these scams look like in action? When security experts advise "Do not click" with respect to

SOPA and PIPA and DNS: An open letter to Congress

SOPA and PIPA are pieces of legislation currently under consideration in the United States Congress that have serious implications for DNS, the Domain Name System which makes possible the Internet as we know it. To give them their full names these bills are HR 3261, the Stop Online Piracy Act (SOPA), and S.968, the Preventing

Facebook Facing FTC Mandated Privacy Changes

At the beginning of the month we discussed the scrutiny that Facebook privacy practices have been receiving from government agencies in North America and beyond, including the U.S. Federal Trade Commission. Now there are reports that "Facebook is nearing a settlement with federal regulators that would require the world's most popular online hangout to obtain

DNSChanger and PROTECT IP: FBI hit and legislative miss

Today the world woke up to DNS changing and something called DNSChanger. First we had the excellent news of a major FBI bust, taking down a cyber-ring that had infected about four million computers in 100 countries. The operators of this fraud had used malware called DNSChanger to redirect infected computers to rogue websites. For

Updates on OSX/Tsunami.A, a Mac OS X Trojan

Yesterday, ESET announced the discovery of a new threat against the Apple Mac OS X platform. Today, we have found a new version of the same threat. The new version is similar to the previous version with two important differences. The first addition to this threat is that it now implements persistence on an infected

Win32/Duqu: It’s A Date

For the last few days, much malware research time has been devoted to the brand-new malware that ESET calls Win32/Duqu. One of the features that makes this kind of malware particularly interesting is that it very closely resembles Stuxnet, one of the most sophisticated worms of recent years. Last year we performed in-depth analysis of

Gaddafi and Search Poisoning: Think before clicking on search results

Scam artists and cyber-criminals welcomed today's news of the demise of Libyan leader Muammar Muhammad Abu Minyar al-Gaddafi (often referred to as simply Gaddafi or Gadhafi). Why? Because few events fuel Internet search activity as much as the death of a famous–or infamous–person, although celebrity weddings and divorces are also a big search driver. It's a

Tricare Injects B for Billions Into Privacy Breach Costs

There I was last Friday morning, attending a cybersecurity conference hosted by the very venerable but also very high tech law firm of Foley and Lardner, awaiting my turn to speak, and the presenter said something about the cost of privacy breaches. At that moment, a news alert popped up on my iPhone: TRICARE Hit

Mining Social Data Led to Johansson and Aguilera Hacks

News that the FBI has arrested the Florida man they suspect of criminally hacking into devices belonging to celebrities such as Scarlett Johansson and Christina Aguilera is welcome, definitely a win for law enforcement and society at large. But the good news comes with a warning. The technique used by the alleged perpetrator was to

Virus Bulletin 2011: Fake but free…

ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish