Introduction Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8. While Microsoft was an early adopter in the creation of smartphones with
Exactly how people will abuse digital technology for their own ends is difficult to predict, but organizations must plan ahead to protect data and systems. That's why we have been posting our "best guess" cybersecurity predictions on the Threat Blog this month. Today we present 9 of the most important predictions in the form of
Java will consolidate its position as the successor to PDF and SWF in the favourite exploits stakes.
This article examines the relationship between the Black Hole exploit kit and Win32/Carberp.
Old hoaxes never die. They just get transplanted to Facebook.
Pierre-Marc tells me that he has received two malware samples that grabbed his attention due to their resemblance to Storm/Waledac.
This is the last segment in the series. To begin with, I have a question for you… What do you call a device that has a 1 gigahertz microprocessor, 512 megabytes of RAM, several gigabytes of solid state storage, runs programs, can be programmed, and can access the internet? Sound a bit like a Netbook,
In the first part of this blog I told you how to use the basic Flash configuration utility. This blog is for the techies. This time I’ll share with you how to shut the doors on Flash and only open them to the sites you want to trust. Very few people seem to know that
Adobe Flash is, in my opinion, the most ubiquitous spyware in the world and no products detect it as such. The reason it goes undetected is that it also has numerous legitimate uses, however, there is growing evidence that indicates significant abuse. This will be the first in a series of blogs in which I
Recently a lawsuit was filed against Walt Disney’s internet subsidiary and some of its partners as well. http://www.theregister.co.uk/2010/08/17/flash_cookie_lawsuit/ At issue is the use of a special kind of cookie that is used in conjunction with Adobe Flash. These “supercookies” are called Local Shared Objects or LSOs for short. LSOs are not deleted when you use
Earlier this month, we reported on the massive new Koobface campaign making the rounds through Facebook and how it tricked users into downloading and running it through that tenet of social engineering, the fake codec. We now have a video showing how the Koobface worm tricks users into running it: NOTE: The audio is not
I was speaking with our friend David Perry at Trend Micro about the insecurity of social networking services and what steps users could take to strengthen their security online. In the course of our conversation, we came up with a list of simple steps you could take to better protect yourselves. Be careful about whom you
As I previously pointed out http://www.eset.com/threat-center/blog/2009/08/04/calling-adobe%E2%80%99s-bluff, Adobe is at best deceptive about claims of the security and privacy of Flash. Even if you do not know what flash is or how to find it, you probably have it on your computer. If you open control panel and go to the “add or remove programs” application
Stephen Northcutt, with the SANS Technology Institute, suggested the following in the SANS NewsBites Vol. 11 Num. 61: [Editor’s Note (Northcutt): I think organizations should avoid Adobe if possible. Adobe security appears to be out of control, and using their products seems to put your organization at risk. Try to minimize your attack surface. Limit
Adobe has issued an important announcement, much of it relating to the impact of vulnerabilities in the Microsoft Active Template Library (ATL) flagged as CVE-2009-0901, CVE-2009-2395, CVE-2009-2493 and described in Microsoft Security Advisory (973882) on Adobe products used as Internet Explorer plug-ins. It appears that Flash Player and Shockwave Player “leverage” vulnerable versions of ATL. According to