General | WeLiveSecurity

General

PIN Money

Further to an earlier blog about the "broken" Chip & PIN credit card security system (strictly speaking, the primary problem described is with EMV), it's noticeable that, as John Leyden puts it, "Industry groups [have] leap[t] to Chip and PIN's defence." In fact, the response has been a bit more mixed than that. But there

Fake Conficker Alerts

Urban Schrott, IT Security & Cybercrime Analyst at ESET Ireland, reports that more e-mail pretending to be from Microsoft is circulating, "warning" computer users that "Conflicker" is again spreading rapidly. ESET's ThreatSense engine identifies the malware as Win32/Kryptik.CLU trojan, and running it would result in further malware infections. Here's an example Urban quotes of one

PleaseRobMe

We seem to have pointed out rather often recently that giving away lots of information on Facebook, Twitter and other social network sites isn't a good idea. PleaseRobMe claims, somewhat amusingly, to be a resource for burglars, saving them the trouble of searching through Twitter and Foursquare for information on whose house is currently unoccupied. In

Hoaxes and semi‑hoaxes

Eveline Goy commented on a previous blog on "When is a hoax not a hoax?", and I thought it was too good a comment to let it lie unnoticed. Dear Mr Harley You might be interested to know that the MISSING GIRL email re Rachelle Marie Smith is now being distributed in Australia. Of course

I Have a Little (Wild)List*

* http://math.boisestate.edu/gas/mikado/webopera/mk105a.html Kevin Townsend posted a blog in response to a piece by Mike Rothman at Securosis. Mike’s piece on “The Death of Product Reviews” makes some pretty good points about security product reviews in general. Kevin’s piece is more specific to anti-malware. He too makes some useful discussion points about the value or otherwise

Operation Cyber ShockWave

While serving in the Marine Corps, one activity that I felt was effective in preparing both myself and my unit to be able to handle real-world scenarios, was getting as much experience as possible from military training exercises. In most cases multiple branches worked together or, as in the case with NATO exercises, multiple countries

Infected CD: update

Here's a little more information about the CD that caused the trouble described at http://www.eset.com/threat-center/blog/2010/02/16/infected-drivers-cd. It came with a motherboard bought by the customer from Newegg. They say that when they called Newegg and told them about the CD, they sent links to download clean drivers. It may be, therefore, that the problem lies with Newegg rather

Infected Drivers CD?

Here's some news from the ESET Virus Lab in Slovakia. One of our clients encountered an interesting infection within his network. The problem seemed to originate from the drivers CD that comes with the device he bought, the Habey BIS-6550HD, a fanless Atom-powered system, though we haven't seen the CD itself. Our analysis of the

Cascading False Positives

 Security researchers work together and share information in many ways and in many contexts that aren't constrained by company boundaries, but it's unusual for security researchers working for different vendors to join forces in a company blog. However, John Leyden of The Register contacted us both when he was writing an article on the controversy following

iPhones, jailbreaking and blocked Apple IDs

[Update: The Register's John Leyden has also commented on the issue at http://www.theregister.co.uk/2010/02/16/apple_bans_iphone_hackers/] There's been a burst of interest in the last day or so in the blocking of certain Apple IDs from the iTunes App Store. Some bloggers have suggested that this might be a precursor to a massive blocking of jailbroken phones from accessing

Worth Reading

Google's lack of responsiveness on their own support forums is telling. http://www.google.com/support/forum/p/gmail/thread?tid=6a1537053d29da99&hl=en Google has changed their mantra to "do nothing that isn't evil." I think the NSA wants to learn from Google, not the other way around :) Randy Abrams Director of Technical Education

Has Chip & PIN Had Its Chips?

[Update: added some extra links at http://avien.net/blog/?p=422] Here, so to speak, is a bit of hot potato*. Flippancy notwithstanding, this isn't really funny. For several years now, Brits have enjoyed a banking card system called chip and PIN, a simple form of two-factor authentication for in-person credit and debit card transactions. In countries where the

Ten Ways to Dodge Cyber‑Bullets (Part 8)

[Part 8 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Anti-Virus isn’t Total Security Don’t expect antivirus alone to protect you from everything. Use additional measures such as a personal firewall, antispam and

Valentine Scams: Romancing the Stony‑Hearted

As we've seen so many times before, cybercriminals are not ashamed to exploit horrors like the Haiti earthquake or 9/11, so it would be naive to expect them not to make use of our warmer sentiments, too. My colleague Urban Schrott at ESET Ireland has just blogged a cautionary note on that very topic.  I recently blogged

Good News. Old News. Conveniently Timed News…?

News has just been released about the shutting down of what is believed to be the "biggest hacker training site" in China. This is good news. Three people from the Hubei province were arrested and the website was closed down. The site was known as the "Black Hawk Safety Net". It is reported that, since

NOD32 Antivirus for Mac: Some Questions

These are a few questions relating to ESET's antivirus scanner for OS X, which is currently in beta, that I was asked in response to a post at Mac Virus. (If you want to take the beta out for a spin, you can still download it at http://beta.eset.com/macosx.) As these questions are very ESET-specific, I

Ten Ways to Dodge Cyber‑Bullets (Part 7)

[Part 7 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.] Call For Backup If sensitive information is stored on your hard drive (and if you don’t have something worth protecting on your system,

Mac Virus Resurgent

No, I'm not talking about a newly-discovered and virulent OS X upconversion of SevenDust or AutoStart 9805. Mac Virus is a site founded by Susan Lesch in the 1990s, when pre-OS X Mac-specific malware was still a serious issue – AutoStart in particular caused significant damage back then – and cross-platform macro viruses were also a major

Who Is Doing It? Who? Who….?!

Every now and then, when I get a new batch of spam emails (which happens with monotonous regularity), I wonder who is clicking on those links to purchase products when they get spam emails offering great deals. Are there actually that many guys out there with erectile problems? Are there really that many people out

Kaspersky, Virus Total, and Unacceptable Shortcuts

Larry Seltzer posted an interesting item yesterday. The article on "SW Tests Show Problems With AV Detections" is based on an "Analyst's Diary" entry called "On the way to better testing." Kaspersky did something rather interesting, though a little suspect. They created 20 perfectly innocent executable files, then created fake detections for ten of them.